Network operations 008
When a service fails to start on a Windows server, an entry is typically created in which of the following event logs?
On a Windows system, information about services, including successful service starts and failures, is recorded in the System event log. The Application, Security, and Setup logs typically do not contain this type of information.
Which of the following tasks is not considered to be part of an IT department's incident response plan?
Once a network infrastructure has been partially or completely destroyed, it is no longer a matter of incident response; the responsibility passes over to the disaster recovery plan, which requires a different set of policies. Stopping, containing, and remediating an incident are all considered incident response policies.
A rack diagram is typically ruled vertically using which of the following measurements?
Rack diagrams use vertical measurement called units, each of which is 1.75 inches. Most rack-mounted devices are one (1U), two (2U), or four units (4U) tall
Which of the following was created to provide logging services for the Unix sendmail program?
Syslog is a standard designed to facilitate the transmission of log entries generated by a device or process, such as the sendmail Simple Network Management Protocol (SMTP) server, across an Internet Protocol (IP) network to a message collector, called a syslog server. Netstat is a program that displays status information about a system's network connections; it does not provide logging services. SNMP is a protocol that carries network management information from agents to a central console; it was not created specifically for sendmail. The Cache Array Routing Protocol (CARP) enables proxy servers to exchange information; it does not provide logging services.
What is the width of a standard equipment rack in a datacenter?
19 inches
Account lockout policies are designed to protect against which of the following types of attacks?
A brute-force password attack is one in which the perpetrator tries as many passwords as possible in an effort to guess or deduce the right one. Account lockout policies are intended to prevent this type of attack by limiting the number of incorrect password attempts.
Which of the following is a term for a read-only copy of a data set made at a specific moment in time?
A snapshot is a read-only copy of a data set taken at a specific moment in time. By creating a snapshot and then backing it up, you can be sure that no data corruption has occurred due to version skew. A hot site is an alternative network location in which all hardware and software is installed and ready. Incrementals and differentials are types of backup jobs.
How does an autochanger increase the overall storage capacity of a backup solution?
An autochanger is a robotic device containing one or more removable media drives, such as magnetic tape or optical disk drives. The robotic mechanism inserts and removes media cartridges automatically so that a backup job can span multiple cartridges, increasing its overall capacity.
Which of the following are equivalent terms for the process of combining the bandwidth of two or more network adapters to increase the overall speed of the connection and provide fault tolerance? (Choose all that apply.)
Bonding, link aggregation, port aggregation, and Network Interface Card (NIC) teaming are all terms for the same basic technology, in which the bandwidth of multiple network adapter connections is joined to speed up transmissions. The technology also enables the network communication to continue if one of the adapters should be disconnected. Clustering refers to combining servers into a single unit, not network adapters.
Which of the following terms best describes the Security Information and Event Management (SIEM) process of consolidating log information from multiple sources?
In SIEM, data aggregation is a process of consolidating log information from multiple sources. Forensic analysis is a process of searching logs on multiple computers for specific information based on set criteria and time periods. Correlation is the process of linking logged events with common attributes together. Retention is the long-term storage of log data.
Routers using link states and Dijkstra's algorithm to calculate the lowest cost route to a specific destination can conceivably be running which of the following interior gateway routing protocols? (Choose all that apply.)
Link states and Dijkstra's algorithm are used by link state routing protocols, such as Open Shortest Path First (OSPF) and Intermediate System - Intermediate System (IS - IS). Routing Information Protocol (RIP) and Enhanced Interior Gateway Routing Protocol (EIGRP) are distance vector protocols, which do not use link states. Border Gateway Protocol (BGP) is a distance vector protocol and an exterior (not interior) gateway protocol.
Which of the following is the term used to describe a wiring nexus that is typically the termination point for incoming telephone and Wide Area Network (WAN) services?
MDF
Which of the following are typical elements of a corporate password policy? (Choose all that apply.)
The longer the password, the more difficult it is to guess. Corporate policies typically require passwords of a minimum length. A larger character set also makes a password more difficult to guess, so requiring upper- and lowercase, numeric, and special characters is common. Changing passwords forces the attack process to start over, so policies typically require frequent password changes and prevent users from reusing passwords.
Which of the following utilities can display the number of packets sent and received for a specific network interface on a Unix, Linux, MacOS or Windows computer?
The netstat utility can display the incoming and outgoing packets for a specific network interface, as well as other statistics, depending on the operating system. Top and ifconfig are Unix/Linux utilities, and Nbtstat is a Windows tool.
Which of the following terms would apply to the procedure of adding a user's personal smartphone to the network under a Bring Your Own Device (BYOD) policy?
The process of adding a user's personal device and allowing it to access the company network is called on-boarding. Removing the personal device from the network would be called off-boarding. In-band and out-of-band are terms defining methods for gaining administrative access to a managed network device
Which of the following best describes the difference between cold, warm, and hot backup sites?
Which of the following best describes the difference between cold, warm, and hot backup sites?
Concurrent multipath routing (CMR) is a technique that provides which of the following benefits? (Choose all that apply.)
CMR is a technique in which routers transmit data packets using multiple routes to the destination. This provides load balancing and improved performance by spreading the transmission among multiple paths and a measure of fault tolerance because a failure of one route only endangers part of the data. Data encapsulation is not involved in the CMR process.
Which of the following data loss prevention terms is used to describe potential dangers of data loss or data leakage to unauthorized parties while the data is stored without being used?
Data at rest describes data that is currently in storage while not in use. Data in motion is the term used to describe network traffic. Data in use describes endpoint actions working with the data, and data on disk is not one of the standard data loss prevention terms
Which of the following data loss prevention terms is used to describe dangers pertaining to data while a user is loading it into an application?
Data in use is the data loss prevention term used to describe endpoint access, such as a user loading data into an application. Data in motion is the term used to describe network traffic. Data at rest describes data storage. Data in process is not one of the standard data loss prevention terms.
If you back up your network by performing a full backup every Wednesday at 6:00 p.m. and differential backups in the evening on the other six days of the week, how many jobs would be needed to completely restore a computer with a hard drive that failed on a Tuesday at noon?
A differential backup is a job that backs up all the files that have changed since the last full backup. Therefore, to restore a system that failed on Tuesday at noon, you would have to restore the most recent full backup from the previous Wednesday and the most recent differential from Monday.
The precise locations of devices in a datacenter are typically documented in which of the following documents?
Datacenters typically mount components in racks, 19-inch-wide and approximately 6-foot-tall frameworks in which many networking components are specifically designed to fit. A rack diagram is a depiction of one or more racks, ruled out in standardized 1.752-inch rack units, and showing the exact location of each piece of equipment mounted in the rack. Network maps, wiring schematics, and logical diagrams are documents that define the relationships between components, not their precise locations. A business continuity plan describes the organization's disaster prevention and recovery policies. An audit and assessment report is a document—often prepared by a third party—that summarizes the organization's security posture.
Which of the following is not one of the typical heights for devices mounted in IT equipment racks?
Devices designed to fit into IT equipment racks typically have heights measured in units. One unit equals 1.75 inches. Most rack-mounted devices are one (1U), two (2U), or four units (4U) tall.
Which of the following syslog message severity levels indicates that the message is purely informational?
Every syslog message includes a single-digit severity code. Code 6 indicates that the message is purely informational. Code 0 is the most severe, indicating an emergency that has rendered the system unusable. Severity code 2 is a critical condition message, and code 4 is a warning message. Code 7 is used strictly for debugging.
Disk mirroring and disk duplexing are both fault tolerance mechanisms for hard disk data storage. Which of the following statements about disk mirroring and disk duplexing is true?
Disk mirroring and disk duplexing both use multiple hard disk drives to store duplicate copies of all data. However, disk duplexing calls for each disk to be connected to a separate controller so that the data remains available despite a disk failure or a disk controller failure.
Which of the following is most likely to be the last step in a change management procedure?
Documentation
Which of the following is the most likely cause of Cyclic Redundancy Check (CRC) errors on an Ethernet network interface?
Electromagnetic interference is the likely cause of CRC errors. A network interface adapter malfunction can cause runts and giant frames. Collisions are normal on a half-duplex network, but CRC errors are not. Late collisions occur when network cables are too long, but they do not cause CRC errors.
Which of the following is not a First Hop Redundancy Protocol (FHRP)?
FHRPs provide a fault tolerant default gateway for network hosts by automatically failing over to an alternative router address in the event of a router failure. The Reverse Address Resolution Protocol (RARP) is a deprecated Internet Protocol (IP) address assignment protocol; it is not an FHRP. Common Address Redundancy Protocol (CARP), Virtual Router Redundancy Protocol (VRRP), and Hot Standby Router Protocol (HSRP) are all FHRPs.
Installing redundant firewalls in a parallel configuration between the internal network and the internet router, as shown in the accompanying graphic, provides which of the following benefits? (Choose all that apply.)
Fault tolerance, Load Balancing, Enhanced performance. Configuring the router to split incoming packets between the two firewalls provides load balancing and a resulting performance increase. If one firewall should fail, the parallel arrangement enables the other one to take over the processing of all incoming packets, providing fault tolerance. Two firewalls in parallel does not provide additional security.
How do account lockouts help to prevent intruders from cracking passwords?
How do account lockouts help to prevent intruders from cracking passwords?
At what humidity level do electronic components become vulnerable to damage from electrostatic shock?
Humidity prevents the buildup of static electricity that can cause discharges that damage equipment. Humidity levels of 50 percent or lower can cause equipment to be susceptible to electrostatic shock.
Which of the following is the most commonly recommended fire suppression system for a datacenter?
Hydrofluorocarbon (HFC) 125 is a heat-absorbing gas that is frequently used for fire suppression systems. Many large datacenters include HFC-125 total flooding fire suppression systems because the products resulting from the flame retardation process are less toxic than carbon dioxide and do not damage electric and electronic equipment as water and foam do.
Which of the following IT asset management documents published by the International Organization for Standardization (ISO) provides an overview of the ITAM concepts discussed in the ISO 19770 family of standards?
ISO 19770 is a family of IT Asset Management (ITAM) standards that defines procedures and technology for the management of software and related assets in a corporate infrastructure. ISO 19770-5 provides a general overview of the functions provided by the standards and their benefits to an IT infrastructure. The other standards define other ITAM elements, such as compliance with corporate governance (ISO 19770-1), creation and use of software ID (SWID) tags (ISO 19770-2), and resource utilization measurement (ISO 19770-4).
When monitoring performance metrics on one of your servers, you notice that the server is utilizing 100 percent of the network bandwidth available to it. What modification could you make to the server that will most likely address the problem?
If a server is using all of its network bandwidth, then the most logical solution is to add more. You can do this by installing a second network adapter and connecting it to a different subnet. The other solutions could conceivably address the problem, but their success is less likely.
If you have a server with dual power supplies, each of which is connected to a separate Uninterruptible Power Supply (UPS), with each UPS connected to a separate building power circuit connected to a backup generator, which of the following failures can the server survive and keep running indefinitely? (Choose all that apply.)
If one of the server's power supplies fails, the other will continue to function. If one of the UPSs fails, the server will continue to run using the other. If one of the building power circuit breakers trips, the server will continue to run using the other one. If the building's backup generator fails, the server will continue to run as long as the building still has outside power.
If you have a server with dual power supplies, one of which is plugged into a single Uninterruptible Power Supply (UPS) and the other into a wall socket with a surge protector, and the building's power circuit is connected to a backup generator, which of the following failures can the server survive and keep running indefinitely? (Choose all that apply.)
If one of the server's power supplies fails, the other will continue to function. If the UPS fails, the server will continue to use the power supply plugged into the wall socket. If the building's backup generator fails, the server will continue to run as long as the building still has outside power. If the breaker for the building power circuit trips, the server will run only as long as the UPS battery holds out.
Which of the following Security Information and Event Management (SIEM) processes performs searches for specific criteria, during specific time frames, in logs located on different computers?
In SIEM, forensic analysis is a process of searching logs on multiple computers for specific information based on set criteria and time periods. Data aggregation is a process of consolidating log information from multiple sources. Correlation is the process of linking logged events with common attributes together. Retention is the long-term storage of log data.
A network load balancing cluster is made up of multiple computers that function as a single entity. Which of the following terms is used to describe an individual computer in a load balancing cluster?
In a network load balancing cluster, each computer is referred to as a host. Other types of clusters use other terms. For example, in a failover cluster, each computer is called a node. The terms server and box are not used in clustering.
Which of the following statements about the differences between online and standby Uninterruptible Power Supplies (UPSs) are correct? (Choose all that apply.)
It is an online UPS that runs devices using battery power all the time so that there is no gap to the power supplied to devices during a failure. It is a standby UPS that switches devices to battery power during a main power failure. Both online and standby UPSs provide only enough power for an orderly shutdown of the devices.
Which of the following terms best describes a connectivity problem on wired networks that is caused by individual packets that are delayed due to network congestion, different routing, or queuing problems?
Jitter
When you configure NIC teaming on a server with two network adapters in an active/passive configuration, which of the following services is provided?
NIC teaming enables you to combine the functionality of two Network Interface Cards (NIC) in one connection. However, when you configure a NIC team to use an active/passive configuration, one of the network adapters remains idle and functions as a fault tolerance mechanism. If the other NIC should fail, the passive NIC becomes active. In this configuration, NIC teaming does not provide load balancing, server clustering, or traffic shaping.
Which of the following statements about network maps is true?
Network diagrams typically specify device types and connections, but network maps can also include IP addresses, link speeds, and other information. Network maps diagram the relationships between devices, and provide information about the links that connect them, but they are not drawn to scale and usually do not indicate the exact location of each device. Although universal accessibility would be desirable, there are individuals who should not have access to network maps and other documentation, including temporary employees and computer users not involved in IT work. A network map includes all networking devices, not just cable runs and endpoints.
Which of the following is the term usually applied to a representation of network devices, automatically compiled, and containing information such as IP addresses and connection speeds?
Network map
The term off-boarding refers to which of the following procedures?
On-boarding and off-boarding are identity management processes in which users are added or removed from an organization's identity and access management (IAM) system. Off-boarding revokes a user's privileges when he or she leaves the company. The term off-boarding does not refer to cluster management, disconnecting a switch, or retiring workstations.
The terms on-boarding and off-boarding are typically associated with which of the following policies?
On-boarding and off-boarding are identity management processes in which users are added or removed from an organization's identity and access management (IAM) system. This grants new users the privileges they need to use the network, modifies their privileges if they change positions, and revokes privileges when they leave the company. On-boarding and off-boarding are not data loss prevention, incident response, inventory management, disaster recovery, or business continuity processes.
Which of the following are valid reasons why online Uninterruptible Power Supplies (UPSs) are more expensive than standby UPSs?
Online UPSs run devices from the battery all the time, while simultaneously keeping the battery charged. There is therefore no switchover gap when a power failure occurs. Online UPSs do not necessarily run longer than standby UPSs, nor do they provide more protection again power spikes and sags. Both online and standby UPSs can be managed devices.
Which of the following statements about port aggregation is not true?
Port aggregation provides load balancing. Load balancing refers to the distribution of traffic between two or more channels. Port aggregation combines ports into a single logical channel with a single Media Access Control (MAC) address and provides greater throughput. Port aggregation also provides fault tolerance in the event of a port failure.
Installing an electrical generator for your datacenter is an example of which of the following fault tolerance concepts?
Power redundancy is a general term describing any fault tolerance mechanism that enables equipment to continue functioning when one source of power fails. A UPS is a device that uses battery power, not a generator. The term dual power supplies refers to the power supply units inside a computer, not a separate generator. The term redundant circuits refers to multiple connections to the building's main power, not to a generator.
Which of the following RAID levels does not provide fault tolerance?
Redundant Array of Independent Disks (RAID) is a technology for storing data on multiple hard disk drives, providing fault tolerance, increased performance, or both. The various RAID levels provide different levels of functionality and have different hardware requirements. RAID 0 uses data striping only (blocks written to each disk in turn), which does not provide any form of fault tolerance. RAID 1 provides disk mirroring, RAID 5 combines disk striping with distributed storage of parity information, and RAID 10 creates mirrored stripe sets—these three levels all provide fault tolerance.
You are installing a new Windows server with two hard disk drives in it, and you want to use RAID to create a fault-tolerant storage system. Which of the following RAID levels can you configure the server to use?
Redundant Array of Independent Disks (RAID) is a technology for storing data on multiple hard disk drives, providing fault tolerance, increased performance, or both. The various RAID levels provide different levels of functionality and have different hardware requirements. RAID 1 provides disk mirroring for fault tolerance and requires two or more disk drives. RAID 0 provides data striping only, with no fault tolerance. RAID 5 combines disk striping (blocks written to each disk in turn) with distributed storage of parity information for fault tolerance, but it requires a minimum of three disk drives. RAID 10 creates mirrored stripe sets and requires at least four disk drives.
Which of the following RAID levels uses disk striping with distributed parity?
Redundant Array of Independent Disks (RAID) is a technology for storing data on multiple hard disk drives, providing fault tolerance, increased performance, or both. The various RAID levels provide different levels of functionality and have different hardware requirements. RAID 5 combines disk striping (blocks written to each disk in turn) with distributed storage of parity information, for fault tolerance. RAID 0 provides data striping only. RAID 1 provides disk mirroring. RAID 10 creates mirrored stripe sets.
Which of the following is not a load balancing mechanism?
Redundant Array of Independent Disks (RAID) level 1 is a fault tolerance mechanism that is also known as disk mirroring. A storage subsystem writes data to two or more disks at the same time so that if a disk fails, the data remains available. Because data is written to the disks at the same time, this RAID level does not provide load balancing. NIC teaming balances a network traffic load among two or more Network Interface Cards (NICs), whereas server clustering and Domain Name Service (DNS) round-robin balance a traffic load among multiple servers.
You are working for a company with numerous branch offices scattered around the country, and you are required to travel to these offices frequently. Each branch office has some means of accessing the network at the company headquarters. Some use frame relay, some use Virtual Private Networks (VPNs), and a few even use dial-in access. During one trip, you mention to a branch office manager that you intend to connect to the headquarters network that night from your hotel room. The manager warns you that this is against company policy, but you are not so sure. Where in the company documentation should you look to confirm this?
Remote access policies specify when and how users are permitted to access the company network from remote locations. A Service Level Agreement (SLA) is a contract between a provider and a subscriber that specifies the guaranteed availability of the service. Acceptable Use Policies (AUPs) specify whether and how employees can utilize company-owned hardware and software resources. A privileged user agreement specifies the abilities and limitations of users with respect to the administrative accounts and other privileges they have been granted.
Which of the following statements about the Simple Network Management Protocol (SNMP) are not true? (Choose all that apply.)
SNMP is not the name of a network management product; it is just the name of the protocol that provides a framework for the interaction of the various components in a network management product. SNMPv1 uses a community string, but SNMPv2 does not. The interim version SNMPv2c retains the community string from version 1 in place of the new version 2 security system. When you see a network interface adapter, switch, router, access point, or other device that purports to be managed or that claims to have network management capabilities, this usually means that the device includes an SNMP agent. Most of today's network management products do support SNMPv3. In addition, many network management products that implement SNMPv3 also include support for the earlier, unprotected versions, such as SNMPv1 and SNMPv2c.
Which of the following technologies provides both real-time monitoring of security events and automated analysis of the event information gathered?
Security Information and Event Management (SIEM) is a product that combines two technologies: security event management (SEM) and security information management (SIM). Together, the two provide a combined solution for gathering and analyzing information about a network's security events. Simple Network Management Protocol (SNMP) is a technology that gathers information about managed devices.
Which of the following is not a fault tolerance mechanism?
Simple Network Monitoring Protocol (SNMP) is a means of tracking the performance and functionality of network components. Software or firmware components called agents are embedded in network devices and communicate with a central monitoring console. SNMP does not provide fault tolerance. An Uninterruptible Power Supply (UPS) is a battery backup device that enables a computer to continue functioning in the event of a power failure. Redundant Array of Independent Disks (RAID) level 1 is a disk mirroring mechanism that provides fault tolerance by maintaining duplicate copies of all stored data. Clustering is a mechanism by which multiple servers function as a single unit, running the same application, so that if a server should fail, the others continue to function.
You have been asked to draft an Acceptable Use Policy (AUP) for new hires at your company to sign, which specifies what they can and cannot do when working with the company's computers and network. Which of the following is not one of the provisions typically found in this type of document?
Software and hardware upgrades are typically not part of an AUP, because they are handled by the company's IT personnel. An AUP for a company typically includes a clause indicating that users have no right to privacy for anything they do using the company's computers, including email and data storage. An AUP usually specifies that the company is the sole owner of the computer equipment and any proprietary company information stored on it or available through it. The AUP also prohibits the use of its computers or network for any illegal practices, typically including spamming, hacking, or malware introduction or development.
Which of the following, originally created for the UNIX sendmail program, is now a standard for message logging that enables tools that generate, store, and analyze log information to work together?
Syslog is a standard designed to facilitate the transmission of log entries generated by a device or process, such as the sendmail SMTP server, across an Internet Protocol (IP) network to a message collector, called a syslog server. Network Monitor (Netmon) is a protocol analyzer. Netstat is a program that displays status information about a system's network connections. Top is a utility to display system processes. None of these provide logging services.
Which of the following indicators is typically not included in an operating system's performance monitoring tool, such as the Windows Performance Monitor or the MacOS Activity Monitor?
Temperature
You are the network administrator of your company's network. Your company wants to perform a baseline analysis of network-related traffic and statistics. They want to track broadcasts, Cyclical Redundancy Check (CRC) errors, and collisions for all traffic traversing a switched network. In addition, they want to provide historical and daily reports for management. They also want to keep track of software distribution and metering. What type of network software product best meets these needs?
The best solution is to implement Simple Network Management Protocol (SNMP). This includes a management console, agents, and Management Information Bases (MIBs). SNMP allows you to track statistical network information (historical and current) and produce reports for baseline analysis and troubleshooting. Some SNMP products also allow you to track software distribution and metering. Protocol analyzers are best used for troubleshooting problems in real time and are not used for software distribution and metering. Performance Monitor is a tool that allows you to track performance statistics for one system at a time and does not include software distribution and metering. There is no such product as a network traffic monitor
The change request for new graphics software that you submitted to your company's change management team has been approved. Now it is time to implement the change. Which of the following administrative tasks will most likely be the change management team's responsibility during the implementation process? (Choose all that apply.)
The change management team is usually not responsible for tasks directly involved in the implementation of the changes they approve. Therefore, they would not be the ones to notify users exactly when the change will take place or document the procedure afterward. They would, however, be responsible for providing a maintenance window, during which the change must occur, and authorizing any downtime that would be needed.
What are the three elements in the Grandfather-Father-Son media rotation system for network backups?
The generational media rotation system uses the terms grandfather, father, and son to refer to backup jobs that are run monthly, weekly, and daily. The jobs can be full, incremental, or differential, and the terms have nothing to do with whether the backup medium is a hard disk, optical, or any type of tape drive
The technical support clause of a Service Level Agreement (SLA) will typically include which of the following elements? (Choose all that apply.)
The technical support clause of an SLA typically defines the type of support that the provider will furnish, the time service for support, and the amount of support that is included in the contract, as well as the cost for additional support. An SLA will typically guarantee service ability in the form of a percentage, but this refers to problems at the provider's end and is not a customer technical support matter.
Which of the following metrics would you typically not find displayed by an interface monitor?
The term rollback refers to the process of uninstalling or downgrading an update patch; it has nothing to do with monitoring a network interface. An interface monitor does typically display the number of transmission errors that occur on an interface, the amount of the available bandwidth that the interface is using, and the number of packets that have been dropped due to errors or discards
After switching from a standard public switched telephone network (PSTN) telephone system to a Voice over Internet Protocol (VoIP) system, users are complaining of service interruptions and problems hearing callers at certain times of the day. After examining a network traffic audit and assessment report, you determine that traffic levels on the Internet connection are substantially higher during the first and last hours of the day, the same times when most of the users experienced problems. Which of the following solutions can provide more reliable VoIP service during peak usage times?
Traffic shaping is a technique for prioritizing packets by buffering packets that are not time sensitive for later transmission. You can use this technique to give VoIP packets priority over other types of traffic. Load balancing can conceivably improve the performance of a server, but it cannot help to relieve traffic congestion on the Internet link. The traffic congestion is on the Internet connection, not the LAN, so upgrading to Gigabit Ethernet will not help. SNMP is a protocol used by network management products; it will not relieve the traffic congestion problem
Ralph is designing the HVAC implementation for his company's new central datacenter, which will house all of the equipment for the corporate headquarters and the company's manufacturing facility. The datacenter must adhere to the Tier III standard defined by the Uptime Institute, which calls for at least 99.9 percent uptime. As part of the environmental infrastructure for the datacenter, Ralph plans to install sensors to monitor environmental factors that can affect computer equipment and generate alerts when conditions exceed accepted thresholds. Which of the following environmental factors is not one of those that Ralph should arrange to monitor to protect the equipment specific to a datacenter?
Unless there is a specific known threat at the datacenter location, radon is not one of the environmental factors that typically can affect equipment uptime and that needs to be monitored. Temperature, humidity, flooding, and static electricity, however, are factors that should be monitored in a datacenter, as variations of these elements can result in equipment damage and downtime.
Password policies frequently require users to specify complex passwords. Which of the following are characteristic of a complex password?
a mixture of upper- and lowercase letters, numerals, and symbols
Which of the following types of documentation should contain the chemical composition of all cleaning compounds used in a datacenter?
A Material Safety Data Sheet (MSDS) is a document created by manufacturers of chemical, electrical, and mechanical products, specifying the potential dangers and risks associated with them, particularly in regard to exposure or fire. A properly documented network should have MSDS documents on file for all of the chemical and hardware products used to build and maintain it. MSDSs can be obtained from the manufacturer or the Environmental Protection Agency (EPA). Electrostatic discharges (ESDs), Non-Disclosure Agreements (NDAs), Bring Your Own Device (BYOD) policies, and standard operating procedures (SOPs) are not concerned with the chemical composition of cleaning compounds.
Which of the following are places where network wiring connections are found? (Choose all that apply.)
A large enterprise network will—at minimum—have demarcation points for telephone services and a connection to an Internet Service Provider's (ISP's) network. In many cases, these services will enter the building in the same equipment room that houses the backbone switch. This room is then called the Main Distribution Frame (MDF). An Intermediate Distribution Frame (IDF) is the location of localized telecommunications equipment such as the interface between the horizontal cabling and the backbone. Mean Time Between Failure (MTBF) and Remote Desktop Protocol (RDP) are not locations of network wiring.
Which of the following statements are true about the differences between a diagram of a patch panel installation organized physically and one that is organized logically? (Choose all that apply.)
A physical diagram, in this case, represents the actual physical locations of the cable drops connected to the patch panels. A logical diagram uses artificial divisions that correspond to the organization of the company.
Which of the following is a document that a company's new hires might want to consult to determine whether they are permitted to install their own personal software on company computers?
AUP
Which of the following is the term used to describe a wiring nexus—typically housed in a closet—where horizontal networks meet the backbone?
An Intermediate Distribution Frame (IDF) is the location of localized telecommunications equipment such as the interface between a horizontal network, which connects to workstations and other user devices, and the network backbone. A large enterprise network will typically have demarcation points for telephone services and a connection to an Internet Service Provider's (ISP's) network. In many cases, these services will enter the building in the same equipment room that houses the backbone switch. This room is then called the Main Distribution Frame (MDF). Mean Time Between Failure (MTBF), Service Level Agreements (SLAs), and Memoranda of Understanding (MOUs) are not locations of network wiring.
For a complete restore of a computer that failed at noon on Tuesday, how many jobs would be needed if you performed full backups to tape at 6:00 a.m. every Wednesday and Saturday and incremental backups to tape at 6:00 a.m. every other day?
An incremental backup is a job that backs up all of the files that have changed since the last backup of any kind. Therefore, to restore a system that failed on Tuesday at noon, you would have to restore the most recent full backup from the previous Saturday and the incrementals from Sunday, Monday, and Tuesday morning.
Which of the following are occurrences that are typically addressed by an IT department's incident response policies? (Choose all that apply.)
Attacks, hardware failures, and crashes are all events that can be addressed by incident response policies that define what is to be done to analyze and remediate the problem. An electrical fire is typically not something that would be addressed by an IT department's incident response team; it is a job for trained firefighters. Once the fire is out, the company's response falls under the heading of disaster recovery.
You are starting a new job, and the company's Human Resources (HR) department has asked you to sign an Acceptable Use Policy (AUP) regarding computer and network use. The document includes a privacy clause. Which of the following are specifications you can expect to find in this clause? (Choose all that apply.)
Clauses regarding company property, including the copyrights and patents for the work performed for the company, typically do appear in an AUP but not in the privacy clause. This information would be more likely to appear in an ownership clause. The privacy clause commonly explains that the company has the right to access and monitor anything stored on its computers.
Which of the following disaster recovery mechanisms is the least expensive to implement?
Cold, warm, and hot backup sites differ in the hardware and software they have installed. A cold site is just a space at a remote location. The hardware and software must be procured and installed before the network can be restored. It is therefore the least expensive. A warm site has hardware in place that must be installed and configured. A hot site has all of the necessary hardware installed and configured. A warm site is more expensive than a cold site, and a hot site is the most expensive.
Which of the following is not likely to be a procedural element of an IT asset disposal policy?
Data preservation
A First Hop Redundancy Protocol (FHRP) is designed to dynamically alter which one of the following Internet Protocol (IP) configuration settings on a network host?
FHRPs provide a fault tolerant default gateway for network hosts by automatically failing over to an alternative router address in the event of a router failure. Protocols such as Virtual Router Redundancy Protocol (VRRP) and Hot Standby Router Protocol (HSRP) create a virtual router that hosts use for their default gateway. The virtual router contains the addresses of multiple physical routers, to which it sends packets transmitted by the hosts. This provides fault tolerance in the event that a router fails, and in some cases provides load balancing as well. FHRPs do not affect the hosts' IP addresses, subnet masks, or DNS server addresses.
Which of the following IT asset management documents published by the International Organization for Standardization (ISO) defines a standard for Software Identification Tags (SWIDs) containing inventory information about the software running on a computer or other device?
ISO 19770 is a family of IT Asset Management (ITAM) standards that defines procedures and technology for the management of software and related assets in a corporate infrastructure. ISO 19770-2 defines the creation and use of SWID tags, which are XML files containing management and identification information about a specific software product. The other standards define other ITAM elements, such as compliance with corporate governance (ISO 19770-1) and resource utilization measurement (ISO 19770-4).
Which of the following is not a type of error typically found in network interface statistics?
Jumbo frames is a feature supported by some Ethernet implementations that enable frames to exceed the 1500-byte maximum data payload defined in the IEEE 802.3 standard. Runt frames, giant frames, Cyclical Redundancy Check (CRC) errors, and encapsulation errors are all types of errors typically reported in network interface diagnostics.
Log management typically consists of which of the following tasks? (Choose all that apply.)
Logs frequently contain sensitive information, so securing them with the appropriate permissions is an essential part of log management. Logs also can grow to overwhelm the storage medium on which they are stored, so cycling is a technique for managing log size by configuring it to delete the oldest record each time a new one is added. Rollback and utilization are not log management tasks.
Which of the following media types is Windows Server Backup unable to use to store backed-up data?
Magnetic tape drives
A server with dual power supplies must be running in which of the following modes for the system to be fault tolerant?
Redundant mode A server with dual power supplies can run in one of two modes: redundant or combined. In redundant mode, both power supplies are capable of providing 100 percent of the power needed by the server. Therefore, the server can continue to run if one power supply fails, making it fault tolerant. In combined mode, both power supplies are needed to provide the server's needs, so a failure of one power supply will bring the server down. Individual mode and hot backup mode are not terms used for this purpose.
Which of the following network interface occurrences are considered to be malfunctions on a full-duplex Ethernet network? (Choose all that apply.)
Runts, Giants, Collisions, Late Collisions All of these occurrences are malfunctions on a full-duplex Ethernet network. Runt frames occur when a network interface generates packets that are smaller than the 64-byte minimum allowable length. Giants occur when frames are larger than the 1518-byte maximum allowable length. Collisions are normal on a half-duplex network, but on a full-duplex network, collisions are considered to be malfunctions. Late collisions occur when network cables are too long.
Which of the following terms defines how long it will take to restore a server from backups if a complete system failure occurs?
The Recovery Time Objective (RTO) specifies the amount of time needed to restore a server from the most recent backup if it should fail. This time interval depends on the amount of data involved and the speed of the backup medium. A Recovery Point Objective (RPO) specifies how much data is likely to be lost if a restore from backups should be necessary. This figure is based on the frequency of the backups and the amount of new data generated by the system. Business contingency planning (BCP) is an umbrella term for procedures enacted to keep the organization functioning in the event of a disaster. A Management Information Base (MIB) is a database used by Simple Network Management Protocol (SNMP) systems.
Which of the following U.S. organizations are capable of imposing international export controls on software products? (Choose all that apply.)
The U.S. government controls exports of sensitive software and other technology as a means to maintain national security interests and foreign policy agreements. Three U.S. agencies have the authority to issue export licenses: the Department of State, the Department of Commerce, and the Department of the Treasury. Individual software developers do not have the authority to impose their own export controls.
Which of the following is the primary result of an organization's security incident response policies?
While incident response policies might include the process of responding to an incident and identifying and documenting its cause, the primary function of incident response policies is to ensure that the same incident does not happen again.
You are the first responder to an incident of computer crime at your company. The datacenter's security has been penetrated, a server accessed, and sensitive company data stolen. The company's incident response plan lists the specific tasks that you are responsible for performing. Which of the following are likely to be among those tasks? (Choose all that apply.)
While securing the area to prevent contamination of evidence, documenting the scene with photographs or video, collecting any evidence that might be visible, and cooperating with the authorities are tasks that are likely to be in the company's incident response policy. Turning off the server most certainly would not, because this could disturb or delete evidence of the crime.
Which of the following types of backup jobs are supported by the Windows Server Backup program? (Choose all that apply.)
Windows Server Backup can perform full backups and incremental backups. It does not support differential backups, and there is no backup job called a supplemental.
You are going to work for a new company as a software developer, and Human Resources (HR) has notified you that you must sign a document guaranteeing that you will maintain confidentiality about the company's products and programming code in perpetuity. Which of the following documents contains this agreement?
A Non-Disclosure agreement (NDA) specifies what company information employees are permitted to discuss outside the company. A Service Level Agreement (SLA) is a contract between a provider and a subscriber that specifies the percentage of time that the contracted services are available. Acceptable Use Policies (AUPs) specify whether and how employees can utilize company-owned hardware and software resources. A Memorandum of Understanding (MOU) is a document outlining an agreement between two parties that precedes the signing of a contract. A Bring Your Own Device (BYOD) policy specifies the personal electronics that employees are permitted to use on the company network and documents the procedures for connecting and securing them.
While negotiating a new contract with a service provider, you have reached a disagreement over the contracted reliability of the service. The provider is willing to guarantee that the service will be available 99 percent of the time, but you have been told to require 99.9 percent. When you finally reach an agreement, the negotiated language will be included in which of the following documents?
A Service Level Agreement (SLA) is a contract between a provider and a subscriber that specifies the percentage of time that the contracted services are available. Acceptable Use Policies (AUPs) specify whether and how employees can utilize company-owned hardware and software resources. A Non-Disclosure Agreement (NDA) specifies what company information employees are permitted to discuss outside the company. A Bring Your Own Device (BYOD) policy specifies the personal electronics that employees are permitted to use on the company network and documents the procedures for connecting and securing them.
You have just completed negotiating an annual contract with a provider to furnish your company with cloud services. As part of the contract, the provider has agreed to guarantee that the services will be available 99.9 percent of the time, around the clock, seven days per week. If the services are unavailable more than 0.1 percent of the time, your company is due a price adjustment. Which of the following terms describes this clause of the contract?
A Service Level Agreement (SLA) is a contract between a provider and a subscriber that specifies the percentage of time that the contracted services are available. Mean Time Between Failure (MTBF) is a hardware specification that estimates how long a particular component can be expected to function. Acceptable Use Policies (AUPs) specify whether and how employees can utilize company-owned hardware and software resources. Mean Time to Repair (MTTR) specifies the average time it will take to repair a specific hardware company when it malfunctions.
Which of the following statements best describes a baseline?
A baseline is a record of a system's performance under real-world operating conditions, captured for later comparison as conditions change. The workload during a baseline capture should be genuine, not simulated or estimated.
Which of the following mechanisms for load balancing web servers is able to read the incoming HTTP and HTTPS requests and perform advanced functions based on the information they contain?
A content switch is an application layer device, which is what renders it capable of reading the incoming Hypertext Transfer Protocol (HTTP) and Hypertext Transfer Protocol Secure (HTTPS) messages. HTTP is an application layer protocol. Multilayer switches do not operate above the transport layer. Failover clustering and (DNS) round-robin are both techniques for distributing incoming traffic without actually processing it.
Your company has been acquired by another firm and, as IT director, you will have to comply with the new firm's safety policies in your datacenter and other IT workspaces. One of the new requirements states that there must be a fail closed policy for the datacenter. Which of the following best describes what this policy dictates should occur in the event of an emergency?
A fail closed policy for the datacenter specifies that any open doors should lock themselves in the event of an emergency. To support this policy, the datacenter will have to have a self-contained fire suppression system, which uses devices such as fire detectors and oxygen-displacing gas systems
Password policies that contain a history requirement typically have which of the following limitations?
A history requirement in a password policy prevents users from specifying any one of their most recently used passwords. Although creating passwords using the names of relatives and historical figures is not recommended, it is not something that is easy to prevent. Each user maintains his or her own password history; there is no conflict with the passwords of other users.
After being hired for a job as an IT administrator, you have been assigned two user accounts, one of which is intended for general use and the other only for administrative tasks. You are also required to sign an agreement that outlines the restrictions for your account use. Specifically, you are not permitted to use the administrative account for anything other than administrative tasks, including browsing the Internet and accessing data for which you are not authorized. Which of the following is the best name for this type of agreement?
A privileged user agreement specifies the abilities and limitations of users with respect to the administrative accounts and other privileges they have been granted. Remote access policies specify when and how users are permitted to access the company network from remote locations. A Service Level Agreement (SLA) is a contract between a provider and a subscriber that specifies the guaranteed availability of the service. Acceptable Use Policies (AUPs) specify whether and how employees can utilize company-owned hardware and software resources.
Which of the following are settings typically included in an account lockout policy? (Choose all that apply.)
Account lockout threshold specifies the number of incorrect logon attempts that are allowed before the account is locked out. Account lockout duration is the amount of time that an account remains locked out. Reset account lockout threshold counter specifies the amount of time before the number of incorrect attempts is reset to zero. Account lockout policies typically do not include a setting that regulates the amount of time allowed between logon attempts.
Which of the following elements would you typically not expect to find in a Service Level Agreement (SLA) between an Internet Service Provider (ISP) and a subscriber?
An ISP provides subscribers with access to the Internet. The applications that the subscriber uses on the internet are typically not part of the SLA. An SLA does typically specify exactly what services the ISP will supply, what equipment the ISP will provide, and the technical support services the ISP will furnish as part of the agreement.
Which of the following specifications would you most want to examine when comparing hard disk models for your new Redundant Array of Independent Disks (RAID) array?
Mean Time Between Failure (MTBF) specifies how long you can expect a device to run before it malfunctions. For a hard disk, this specification indicates the life expectancy of the device. A Service Level Agreement (SLA) and an Acceptable Use Policy (AUP) are not specifications associated with hard disk drives. Mean Time to Repair (MTTR) can conceivably be specified for a hard disk, but hard disk drives in a RAID array are typically replaced, not repaired.
Which of the following types of documentation should indicate the complete route of every internal cable run from wall plate to patch panel?
The main purpose of a wiring schematic is to indicate where cables are located in walls and ceilings. A physical network diagram identifies all of the physical devices and how they connect together. Asset management is the identification, documentation, and tracking of all network assets, including computers, routers, switches, and so on. A logical network diagram contains addresses, firewall configurations, Access Control Lists (ACLs), and other logical elements of the network configuration.