Network + Transcender Questions (Network Architecture)

You connect a home computer to a BRI ISDN line. The Bandwidth On Demand Interoperability Group (BONDING) protocol is used to combine the channels. What is the maximum data transfer rate of the B channels? 56 Kbps 128 Kbps 1.544 Mbps 44.736 Mbps

128 Kbps

What is the highest speed available when implementing DS3? 3 Mbps 10 Mbps 45 Mbps 1 Gbps

45 Mbps

DMZ

A demilitarized zone (DMZ) is an isolated subnet on a corporate network that contains resources that are commonly accessed by public users, such as Internet users. The DM is created to isolate those resources to ensure that other resources that should remain private are not compromised. A DMZ is usually implemented with the use of firewalls.

Which type of intrusion detection system (IDS) relies upon a database that contains the identities of possible attacks? network-based IDS anomaly-based IDS behavior-based IDS signature-based IDS

signature based IDS

VPN

A virtual private network (VPN) is a technology that allows users to access private network resources over a public network, such as the Internet. Tunneling techniques are used to protect the internal resources.

Which statement is true of a network-based intrusion detection system (NIDS)? An NIDS generates a finite number of alarms. An NIDS does not analyze real-time information. An NIDS is active while gathering data over the network. An NIDS cannot detect an intruder who is logged on to a host computer.

An NIDS cannot detect an intruder who is logged on to a host computer.

ATM

Asynchromous Transfer Mode - high-speed, cell switching link type transmitting up to 2,488 Mbps. ATM cell 53 bytes:48-byte payload/5-byte header.

You manage a network for your organization. The network contains one DNS server and three routers. You are setting up a new DHCP server. You configure separate scopes for each subnet on your network. The routers are configured to forward DHCP requests. You need to ensure that DHCP clients receive the appropriate settings using the least administrative effort. What else should you do? (Choose all that apply.) A. Configure the DNS server as a server option. B. Configure the DNS server as a scope option for each scope. C. Configure each router as a server option. D. Configure each router as a scope option for its appropriate scope.

Configure the DNS server as a server option. Configure each router as a scope option for its appropriate scope.

You need to ensure that the Web server always receives the same IP address from the DHCP server. What should you do? Create a DHCP scope. Create a DHCP exclusion. Create a DHCP reservation. Create a scope option.

Create a DHCP reservation

Which RADIUS implementation was created to deal with Voice over IP (VoIP) and wireless services? TACACS XTACACS TACACS+ Diameter

Diameter

ESP

Encapsulating Security Protocol (ESP) encrypts IPSec packets. Transport mode sends IPSec packets between two computers without encapsulating packets. AH and ESP work in transport mode and tunnel mode.

FDDI

Fiber Distributed Data Interface - high-speed, Token Ring network that uses fiber optic calbe transmitting up to 100Mbps. Ring Distance=100kilometers(62 miles)

DHCP server

Provide dynamic IP addresses

Which system or device detects network intrusion attempts and controls access to the network for the intruders? firewall IDS IPS VPN

IPS (Intrusion Prevention System)

Which three statements are true of Internet Protocol Security (IPSec)? (Choose three.) A IPSec can work in either in tunnel mode or transport mode. B IPSec uses encapsulation security payload (ESP) and authentication header (AH) as security protocols for encapsulation. C The IPsec framework uses L2TP as the encryption protocol. D The IPSec framework is used in a virtual private network (VPN) implementation to secure transmissions. E IPSec ensures availability of information as a part of the CIA triad.

IPSec can work in either in tunnel mode or transport mode. IPSec uses encapsulation security payload (ESP) and authentication header (AH) as security protocols for encapsulation. The IPSec framework is used in a virtual private network (VPN) implementation to secure transmissions.

Your company has a corporate-wide Windows Server 2008 network using the TCP/IP protocol. Several users are complaining that their computers are getting IP address conflicts. Which action should you perform? Implement a DHCP server. Increase the TCP window size. Manually configure IP addresses on each computer. Change the MAC address for each network interface card.

Implement a DHCP server

Users on your network have access to the Internet. As more users access the Internet, bandwidth starts to diminish, causing Web pages to load slowly. After looking at the Web server logs, you have noticed that many of the same Web sites are being accessed by multiple users. What should you do to improve your company's Internet bandwidth? Implement a DNS server. Implement a WINS server. Implement an IP proxy server. Implement an HTTP proxy server.

Implement an HTTP proxy server.

ICA

Independent Computing Architecture (ICA) is a Citrix protocol used in application server environments.

ISDN

Integrated Services Digital Network - provides direct, point to point digital connection at a speed of up to 2Mbps.

IPSec

Internet Protocol Security (IPSec) in tunnel mode with the Authentication Header (AH) protocol produces an encapsulated packet that is digitally signed. AH digitally signs a packet for authentication purposes. Tunnel mode encapsulates a packet within another packet

ISAKMP

Internet Security Association and Key Management Protocol (ISAKMP) is a protocol that works with IPSec to establish a secure session.

IDS

Intrusion Detection System - detects network intrusion attempts but does not prevent them.

IPS

Intrusion Prevention System - detects network intrusion attempts and controls access to the network.

What is one advantage of the dual-ring topology in a FDDI system? A. It does not require a repeater. B. It is not limited to a maximum ring length. C. It can accommodate 1,000 computers per ring. D. It automatically utilizes the secondary ring if the primary ring fails.

It automatically utilizes the secondary ring if the primary ring fails.

You decide to implement a DHCP server on your network. What is the purpose of a DHCP scope? It is the temporary assignment of an IP address. It is the range of IP addresses that a DHCP server can temporarily assign. It is an IP address that is set aside for a certain device. It is an IP address that cannot be assigned.

It is the range of IP addresses that a DHCP server can temporarily assign.

L2TP

Layer Two Tunneling Protocol (L2TP) is an enhancement of PPTP and can also be used to create a VPN.

proxy server

Manage Internet requests and cache Web content.

DNS Resource Record Type A

Maps a host name to an IPv4 address

DNS Resource Record Type AAAA

Maps a host name to an IPv6 address

DNS Resource Record Type MX

Maps a mail server name to a domain

DSN Resource Record Type PTR

Maps an IP address to a host name

DNS Resource Record Type CNAME

Maps an additional host name to an existing host record

A customer has asked you to deploy a solution based on port numbers that allows multiple computers to share a single IP address. Which addressing technology should you deploy? NAT PAT APIPA DHCP

PAT - Port Address Translation

PPP

PPP is a protocol used to establish dial-up network connections.

Your organization has decided to implement a virtual private network (VPN) to allow remote employees to access internal resources. Which two protocols are used to create VPNs over TCP/IP? (Choose two.) PPP SSL RAS PPTP L2TP

PPTP L2TP

PPPoE

Point-to-Point Protocol over Ethernet (PPPoE) is a protocol that encapsulates PPP within Ethernet frames.

PPTP

Point-to-Point Tunneling Protocol (PPTP) was created by Microsoft to work with the Point-to-Point protocol (PPP) to create a virtual Internet connection so that networks can use the Internet as their WAN link.

Which technology provides centralized remote user authentication, authorization, and accounting? VPN DMZ RADIUS Single sign-on

Radius

RAS

Remote Access Service (RAS) is a service provided by the network operating system that allows remote access to the network via a dial-up connection.

Radius

Remote Authentication Dial-In User Service (RADIUS) provides centralized remote user authentication, authorization, and accounting.

RDP

Remote Desktop Protocol (RDP) is a Microsoft protocol that establishes sessions with other computers.

DSN server

Resolves host names and IP addresses

Your network contains four segments. Which network devices can you use to connect two or more of the LAN segments together? (Choose four.) Hub Router Switch Bridge Repeater Wireless Access Point

Router Switch Bridge WAC

SSL

Secure Sockets Layer (SSL) is a security protocol that uses both encryption and authentication to protect data sent in network communications.

Single Sign-On

Single sign-on is a feature whereby a user logs in once to access all network resources.

Your company consists of 75 employees. Your company has entered into a partnership with another company that is located across the country. Your company's users must be able to connect to the partner's network quickly and reliably. Support for voice, data, and imaging transmissions and a dedicated 24-hour link are required. Your solution must be as inexpensive as possible while providing enough bandwidth for your company's employees. What should you implement? T1 ATM FDDI ISDN POTS

T1 - provides fast, digital connections of up to 1.544 Mbps, transmitting voice, data and video.

Which connection type allows for connections of up to 44.736 Mbps? T1 E1 T3 E3

T3

VPN Concentrator

Terminates the VPN tunnels

VPN

Virtual Private Network - is a private network that users can connect to over a public network.

WAC

Wireless Access Point - is essentially a translational bridge.

What is ISAKMP? a Microsoft protocol that establishes sessions with other computers a protocol that encapsulates PPP within Ethernet frames a protocol that works with IPSec to establish a secure session a Citrix protocol used in application server environments

a protocol that works with IPSec to establish a secure session

Which payload is produced by using IPSec in tunnel mode with the AH protocol? an encapsulated packet that is encrypted an encapsulated packet that is digitally signed an unencapsulated packet that is encrypted an unencapsulated packet that is digitally signed

an encapsulated packet that is digitally signed

In PKI, what is the entity that signs a certificate? an issuer a principal a verifier a subjec

an issuer

Your network contains a DHCP server. While performing routine maintenance, you discover that the DHCP server has the following types of options configured: server options, scope options, reserved client options, and class options. Which of these types of options takes precedence? A. server options B. scope options C. class options D. reserved client options

reserved client options

What is the main purpose of a VPN concentrator? to terminate the VPN tunnels to resolve host names and IP addresses to provide dynamic IP addresses to manage Internet requests and cache Web content

to terminate the VPN tunnels