ch. 7
by default, what network connection is selected when creating a vm in vmware, virtualbox or kvm? a. nat b. lockdown c. bridged d. host only
a
ppp headers and trailers used to create a ppp frame that encapsulates network layer packets vary between 8 and 10 bytes in size due to what field? a. fcs b. priority c. encryption d. fec
a
what special enterprise vpn supported by cisco devices creates VPN tunnels between branch locations as needed rather than requiring constant, static tunnels? a. Dynamic Multipoint VPN b. Symmetric VPN Autodial c. Auto Switched VPN Service d. Dynamic SmartVPN
a
which regarding point to point (ppp) protocol is not accurate? a. can support strong encryption b. can utilize an authentication protocol to authenticate a client c. can support several network layer protocols that might use the connection d. can negotiate and establish a connection between 2 endpoints
a
why is the telnet utility a poor choice for remote access to a device? a. provides poor authentication and no encryption b. cannot be used over a public wan c. does not allow for control of a computer remotely d. provides no mechanism for authentication
a
what cloud service model involves providing applications through an online user interface, providing for compatibility with a multitude of different operating systems and devices? a. iaas b. paas c. saas d. xaas
c
what security encryption protocol requires regular reestablishment of a connection and can be used with any type of tcp/ip transmission? a. l2tp b. ssl c. ipsec d. tls
c
A Type 2 hypervisor installs on a computer before any OS, and is therefore called a bare-metal hypervisor
false
What open-source VPN protocol utilizes OpenSSL for encryption and has the ability to possibly cross firewalls where IPsec might be blocked? a. OpenVPN b. Point-to-Point Tunneling Protocol (PPTP) c. Generic Routing Encapsulation (GRE) d. Layer 2 Tunneling Protocol (L2TP)
a
a vswitch (virtual switch) or bridge is a logically defined device that operates at what layer? a. 2 b. 7 c. 1 d. 4
a
at what layer does the IPsec encryption protocol operate? a. network b. application c. transport d. physical
a
which of the virtualization products is an example of a bare metal hypervisor? a. citrix xenserver b. linux kvm c. vmware player d. virtualbox
a
In a software defined network, what is responsible for controlling the flow of data? a. flow director b. SDN switch c. SDN controller d. vRouter
c
what type of scenario would best serve by using a platform as a service (paas) cloud model? a. organization needs to have a hosted virtual network infrastructure for their services, which are run on virtual machines b. small organization needs to have a high availability for their web server c. group of developers needs access to multiple OS and the runtime libraries the OS provides d. organization wishes to gain access to applications through an online user interface, while maintaining compatibility across OS
c
when is it appropriate to utilize nat network connection type? a. when vm requires an ip address on physical lan b. if vm is intended for vm to host communications c. whenever vm does not need to be access at a known address by other network nodes d. if vm does not need to communicate w/ host pc
c
which is not a task that a vpn concentrator is responsible for? a. establish tunnels for vpns b. manages encryptions for vpns c. shuts down established connections when malicious traffic occurs d. authenticates vpn clients
c
which regarding the ssh (secure shell) collection of protocols is accurate? a. does not protect against ip spoofing b. does not protect against dns spoofing c. supports port forwarding d. provides a graphical view of remote computer
c
which statement regarding use of a bridged mode vnic is accurate? a. able to communicate across bridge to host pc b. assigned a nat-ed ip address c. its own ip address on physical lan d. utilize host pc's ip address
c
amazon and rackspace both utilize what virtualization software below to create their cloud environments? a. oracle virtualbox b. vmware vsphere c. parallels d. citrix xen
d
combination of public key and private key a. key set b. key team c. key tie d. key pair
d
in order to generate a public and private key for use w/ ssh, what command line utility should be used? a. ssh-newkey b. gpg --ssh c. key-generate d. ssh-keygen
d
regarding vnc (virtual network computing), what statement is accurate? a. a standard developed by microsoft and used by windows remote desktop b. uses the remote desktop protocol (rdp) c. faster than remote desktop and requires less network bandwidth d. open source, allowing companies to develop their own software based on vnc
d
term is used to describe a space that is rented at a data center facility by a service provider? a. locally exchanged data point (ledp) b. central service point (csp) c. service location (sl) d. point of presence (pop)
d
when using public and private keys to connect to an ssh server from a linux device, where must your public key be placed before you can connect? a. in /etc/ssh/keys b. in /var/run/ssh/public c. in an authorization file under home directory d. in an authorization file on host where ssh server
d
while file transfer protocol has no authentication or security for transferring files, uses UDP and requires very little memory to use? a. secure ftp (sftp) b. ftp secure (ftps) c. file transfer protocol (ftp) d. trivial ftp (tftp)
d
A community cloud is a service shared between multiple organizations, but not available publicly
true
The Virtual Network Computing (VNC) application uses the cross-platform remote frame buffer (RFB) protocol.
true
an enterprise wide VPN can include elements of both the client-to-site and site-to-site model
true
digital certificates are issues, maintained and validated by certificate authority (ca)
true
office 365 is an example of an saas implementation w/ a subscription model
true
ppp can support several types of network layer protocols that might use the connection.
true
The use of certificate authorities to associate public keys with certain users is known by what term? a. public-key infrastructure b. certified infrastructure c. public-key organization d. symmetric identification
a
vmware player and linux kvm are both examples of what type of hypervisor? a. barebones b. type 2 c. bare-metal d. type 1
b
what is not a potential disadvantage of utilizing virtualization? a. increased complexity and administrative burden can result from use of vms b. virtualization software increase complexity of backups, creating usable backups difficult c. licensing costs can be high due to every instance of commercial software requiring a separate license d. multiple vms contending for finite resources can compromise performance
b
when using a site to site vpn, what type of device sits at the edge of lan and establishes connection between sites? a. vpn transport b. vpn gateway c. vpn server d. vpn proxy
b
which regarding IKEv2 tunneling protocol is accurate? a. based on tech developed by cisco and standardized by IETF b. offers fast throughput and good stability when moving between wireless hotspots c. an older, layer 2 protool developed by microsoft that encapsulates vpn data frames d. open source vpn protocol that utilizes openssl for encryption
b
after l2tp establishing a vpn tunnel gre is used to transmit l2tp data frames through the tunnel
false
ftps and sftp are two names for the same protocol
false
https (http secure) protocol utilizes same tcp port as http, port 80
false