IT Final Exam 10-12
Which of the following is NOT a task that a VPN concentrator is responsible for?
A VPN concentrator shuts down established connections when malicious traffic occurs.
What type of scenario would be best served by using a Platform as a Service (PaaS) cloud model?
A group of developers needs access to multiple operating systems and the runtime libraries that the OS provides.
Amazon and Rackspace both utilize what virtualization software below to create their cloud environments?
Citrix Xen
Which of the following virtualization products is an example of a bare-metal hypervisor?
Citrix XenServer
The PPP headers and trailers used to create a PPP frame that encapsulates Network layer packets vary between 8 and 10 bytes in size due to what field?
FCS
After L2TP establishing a VPN tunnel, GRE is used to transmit L2TP data frames through the tunnel.
False
FTPS (FTP Security or FTP Secure) and SFTP (Secure FTP) are two names for the same protocol.
False
Which statement regarding the IKEv2 tunneling protocol is accurate?
IKEv2 offers fast throughput and good stability when moving between wireless hotspots.
What security encryption protocol requires regular re-establishment of a connection and can be used with any type of TCP/IP transmission?
IPsec
Which type of cloud service model involves hardware services that are provided virtually, including network infrastructure devices such as virtual servers?
IaaS
When using public and private keys to connect to an SSH server from a Linux device, where must your public key be placed before you can connect?
In an authorization file on the host where the SSH server is.
Why is the telnet utility a poor choice for remote access to a device?
It provides poor authentication and no encryption.
The combination of a public key and a private key are known by what term below?
Key pair
A vSwitch (virtual switch) or bridge is a logically defined device that operates at what layer of the OSI model?
Layer 2
At what layer of the OSI model does the IPsec encryption protocol operate?
Network Layer
What open-source VPN protocol utilizes OpenSSL for encryption and has the ability to possibly cross firewalls where IPsec might be blocked?
OpenVPN
Which of the following statements regarding the Point-to-Point (PPP) protocol is NOT accurate?
PPP can support strong encryption, such as AH or ESP.
In a software defined network, what is responsible for controlling the flow of data?
SDN controller
Which statement regarding the use of a bridged mode vNIC is accurate?
The vNIC will its own IP address on the physical LAN.
An enterprise-wide VPN can include elements of both the client-to-site and site-to-site models.
True
Digital certificates are issued, maintained, and validated by an organization called a certificate authority (CA).
True
Office 365 is an example of an SaaS implementation with a subscription model.
True
PPP can support several types of Network layer protocols that might use the connection.
True
VMware Player and Linux KVM are both examples of what type of hypervisor?
Type 2 hypervisor
When using a site-to-site VPN, what type of device sits at the edge of the LAN and establishes the connection between sites?
VPN gateway
What term is used to describe a space that is rented at a data center facility by a service provider?
point of presence (PoP)
The use of certificate authorities to associate public keys with certain users is known by what term?
public-key infrastructure
