Chapter 9 TCP/IP Internetworking II
33) The main disadvantage of transport mode protection compared to tunnel mode protection in IP is ________. A) that it provides protection over only part of the route B) higher cost C) both A and B D) neither A nor B
Answer: B
39) Which has stronger security? A) SSL/TLS B) IPsec C) Both have about equal security.
Answer: B
40) If a host is to be able to communicate via IPv4 and IPv6, it is said to ________. A) be bilingual B) have a dual-stack C) be IPv6-ready D) be IP-agile
Answer: B
51) Which of the following can route non-IP packets? A) OSPF B) EIGRP C) both A and B D) neither A nor B
Answer: B
8) In NAT, the ________ creates new external source IP addresses and port numbers. A) router B) firewall C) source host D) destination host
Answer: B
10) Which of the following can be used within a firm? A) private IP addresses B) public IP addresses C) both A and B D) neither A nor B
Answer: C
12) Which of the following is true about NAT? A) It can enhance security. B) It presents problems for some protocols. C) both A and B D) neither A nor B
Answer: C
13) The domain name system ________. A) is a way to find a host's IP addresses if your computer only knows the host's host name B) is a general naming system for the Internet C) both A and B D) neither A nor B
Answer: C
42) Which is NOT one of the three parts of a public IPv6 unicast address? A) subnet ID B) routing prefix C) host part D) All of the above are parts in a public IPv6 unicast address.
Answer: C
48) A step in creating an EUI-64 is dividing a 48-bit MAC address in half and inserting ________ in the center. A) the interface ID B) the subnet ID C) fffe D) 0000
Answer: C
6) You have a 20-bit network part and a 4-bit subnet part. How many hosts can you have per subnet? A) 14 B) 16 C) 254 D) none of the above
Answer: C
20) How many DNS root servers are there? A) 1 B) 2 C) 10 D) 13
Answer: D
11) Which of the following is a private IP address range? A) 10.x.x.x B) 128.171.x.x C) both A and B D) neither A nor B
Answer: A
19) The highest-level DNS servers are called ________. A) root servers B) top-level servers C) both A and B D) neither A nor B
Answer: A
23) Which of the following would be an SNMP object? A) number of rows in routing table B) a managed switch C) both A and B D) neither A nor B
Answer: A
26) SNMPv1 uses ________ for authentication. A) community names B) digital certificates and digital signatures C) a different password for each manager-agent pair D) all of the above
Answer: A
3) If you have a subnet part of 7 bits, how many subnets can you have? A) 126 B) 254 C) 510 D) none of the above
Answer: A
30) IPsec provides protection in two modes of operation; one of these two modes is ________. A) transport mode B) data link mode C) network mode D) 802.1X mode
Answer: A
31) The main limit of IPsec tunnel mode protection compared to transport mode protection in IPsec is ________. A) protection over only part of the route B) higher cost C) both A and B D) neither A nor B
Answer: A
32) Which mode of IPsec may be more expensive if a company has a large number of computers? A) transport mode B) tunnel mode C) Both A and B are equally expensive.
Answer: A
34) Client PCs must have digital certificates in ________. A) transport mode B) tunnel mode C) both A and B D) neither A nor B
Answer: A
37) Which of the following standards permits central management? A) IPsec B) SSL/TLS C) both A and B D) neither A nor B
Answer: A
38) Which is less expensive to implement? A) SSL/TLS B) IPsec C) Both cost about the same to implement.
Answer: A
43) The routing prefix in IPv6 is like the ________ part in an IPv4 address. A) network B) subnet C) host D) both A and B
Answer: A
47) The IEEE calls 64-bit interface addresses ________. A) Extended Unique Identifiers B) Interface IDs C) MAC addresses D) half-IP
Answer: A
49) Dynamic ________ protocols allow routers to transmit routing table information to one another. A) routing B) transport C) synchronization D) none of the above
Answer: A
50) A company is free to select whatever ________ dynamic routing protocol it wishes. A) interior B) exterior C) both A and B D) neither A nor B
Answer: A
52) ________ is an interior dynamic routing protocol. A) OSPF B) BGP C) both A and B D) neither A nor B
Answer: A
55) To see if a target host can be reached, you normally would send it an ICMP ________ message. A) echo request B) error advisement C) either A or B D) neither A nor B
Answer: A
56) Pinging is to send ICMP ________ messages to the target host. A) echo request B) error advisement C) ping D) echo
Answer: A
9) NAT enhances security by ________. A) preventing sniffers from learning internal IP addresses B) encryption C) both A and B D) neither A nor B
Answer: A
14) ________ is a general naming system for the Internet. A) NAT B) DNS C) DHCP D) Dotted decimal notation
Answer: B
16) ".com" is a ________. A) root domain B) top-level domain C) second-level domain D) none of the above
Answer: B
17) ".edu" is a ________. A) root domain B) top-level domain C) second-level domain D) none of the above
Answer: B
18) Most corporations wish to have ________ domain names. A) top-level B) second-level C) third-level D) none of the above
Answer: B
22) In SNMP, the manager communicates directly with a(n) ________. A) managed device B) agent C) object D) access point
Answer: B
25) In SNMP, companies are often reluctant to use ________ commands because of security dangers. A) Get B) Set C) trap D) request
Answer: B
28) IPsec protects ________ layer messages. A) data link B) application C) both A and B D) neither A nor B
Answer: B
29) In tunnel mode, IPsec provides protection ________. A) all the way between the two hosts B) only between the IPsec servers C) both A and B D) neither A nor B
Answer: B
41) Today, it can be problematic to have only a single IPv6 stack because ________. A) a single IPv4 stack is out of date B) a single IPv6 stack could not communicate with a single IPv4 stack C) a dual stack has become a common solution D) all of the above
Answer: B
44) If the subnet ID in an IPv6 address is 32 bits, how long is the routing prefix? A) 16 bits B) 32 bits C) 64 bits D) none of the above
Answer: B
45) The part of an IPv6 global unicast address that designates the host is called the ________. A) host part B) interface ID C) routing prefix D) none of the above
Answer: B
46) In an IPv6 global unicast address, the interface ID is ________ bits long. A) 32 B) 64 C) 128 D) It varies.
Answer: B
7) ________ is the process of presenting external IP addresses that are different from internal IP addresses used within the firm. A) DNS B) NAT C) DHCP D) none of the above
Answer: B
2) In IP subnet planning, you need to have at least 130 subnets. How large should your subnet part be? A) 6 B) 7 C) 8
Answer: C
21) A company receives its domain name from ________. A) IETF B) its ISP C) a domain registrar D) its parents
Answer: C
24) Which of the following would be an SNMP object? A) number of rows in routing table B) system uptime (since last reboot) C) both A and B D) neither A nor B
Answer: C
27) SNMPv3 uses ________ for authentication. A) community names B) digital certificates and digital signatures C) a different password for each manager-agent pair D) all of the above
Answer: C
35) IPsec is used for ________ VPNs. A) remote-access B) site-to-site C) both A and B D) neither A nor B
Answer: C
1) If your subnet part is 8 bits long, you can have ________ subnets. A) 64 B) 128 C) 256 D) 254
Answer: D
15) In DNS, a group of resources under the control of an organization is called a ________. A) network B) subnet C) scope D) domain
Answer: D
36) In IPsec, agreements about how security will be done are called ________. A) tranches B) security contracts C) service-level agreements D) security associations
Answer: D
4) Your firm has an 8-bit network part. If you need at least 250 subnets, what must your subnet part size be? A) 5 B) 6 C) 7 D) 8
Answer: D
5) Your firm has an 8-bit network part and an 8-bit subnet part. How many hosts can you have per subnet? A) 126 B) 254 C) 534 D) 65,534
Answer: D
53) ________ is used for supervisory messages at the internet layer. A) TCP B) DNS C) DHCP D) ICMP
Answer: D
54) IP is reliable because of ________. A) echo and echo reply messages B) error advisement messages C) both A and B D) neither A nor B
Answer: D
