Test 4 Practice questions
what subnet mask can be used to segment the 172.16.0.0 to allow for a minimum of 6 subnets while maximizing the number of hosts per subnet? a. 255.255.248.0 b. 255.255.224.0 c. 255.255.128.0 d. 255.255.192.0
...b. 255.255.224.0
how many subnets can a /48 site prefix support? a. 65,536 subnets b. 256 subnets c. 131,072 subnets d. 16,384 subnets
a. 65,536 subnets
the PPP headers and trailers used to create a PPP frame that encapsulates network layer packets vary between 8 and 10 bytes in size due to what field? a. FCS b. encryption c. FEC d. priority
a. FCS this field ensures that data is received in tact
when dealing with a Cisco switch, what is NOT one of the pre-established VLANs? a. VLAN 1001 b. VLAN 1 c. VLAN 1005 d. VLAN 1003
a. VLAN 1001
When using a site-to-site VPN, what type of device sits at the edge of the LAN and establishes the connection between sites? a. VPN gateway b. VPN transport c. VPN server d. VPN proxy
a. VPN gateway
what type of scenario would be best served by using a platform as a service (PaaS) cloud model? a. a group of developers needs access to multiple operating systems and the runtime libraries that the OS provides b. A small organization that needs to have high availability for their web server c. an organization needs to have a hosted virtual network infrastructure for their services, which are run on virtual machines d. an organization wishes to gain applications through an online user interface, while maintaining compatibility across operating systems
a. a group of developers needs access to multiple operating systems and the runtime libraries that the OS provides
what is NOT one of the ways in which networks are commonly segmented? a. by device manufacturer b. by departmental boundaries c. by device types d. by geographic location
a. by device manufacturer
regarding VNC (virtual network computing or virtual network connection) what statement is accurate? a. VNC is a standard developed by Microsoft and used by remote desktop protocol (RDP) b. VNC is open source, allowing companies to develop their own software based on VNC c. VNC uses remote desktop protocol (RDP) d. VNC is faster than Remote Desktop, and requires less network bandwidth
b. VNC is open source, allowing companies to develop their own software based on VNC
which of the following is NOT a task that a VPN concentrator is responsible for? a. a VPN concentrator manages encryption for VPN transmissions b. a VPN concentrator shuts down established connections when malicious traffic occurs c. a VPN concentrator establishes tunnels for VPN connections d. a VPN concentrator authenticates VPN clients
b. a VPN concentrator shuts down established connections when malicious traffic occurs
which of the following suggestions can help prevent VLAN hopping attacks on a network? a. install an additional switch to isolate traffic b. disable auto-trunking and move native VLANs to unused VLANs c. install a router to process the untagged traffic on the VLAN d. use MAC address filtering
b. disable auto-trunking and move native VLANs to unused VLANs
when an 802.1Q tag is added to Ethernet frame, where is it placed? a. inserted between the preamble and destination address b. inserted between the source address and Ethernet type field c. inserted between the destination and source addresses d. it is appended to the end of the frame
b. inserted between the source address and Ethernet type field
What security encryption protocol requires regular re-establishment of a connection and can be used with any type of TCP/IP transmission? a. TLS b. L2TP c. SSL d. IPsec
d. IPsec
by default, what network connection type is selected when creating a VM in VMware, VirtualBox, or KVM? a. host-only mode b. lockdown mode c. bridged mode d. NAT mode
d. NAT mode
what open source VPN protocol utilizes Open SSL for encryption and has the ability to possibly cross firewalls where IPsec might be blocked? a. layer 2 tunneling protocol (L2TP) b. generic routing encapsulation (GRE) c. point-to-point tunneling protocol (PPTP) d. OpenVPN
d. OpenVPN
in a software defined network, what is responsible for controlling the flow of data? a. flow director b. SDN switch c. vRouter d. SDN controller
d. SDN controller
what special enterprise VPN supported by Cisco devices creates VPN tunnels between branch locations as needed rather than requiring constant, static tunnels? a. dynamic SmartVPN b. Symmetric VPn autodial c. auto switched VPN service d. dynamic multipoint VPN
d. dynamic multipoint VPN
on certain Cisco products, what command can be used to create and send helper messages that support several types of UDP traffic, including DHCP, TFTP, DNS, and TACACS+? a. set ip helper address b. ip new helper c. ip create helper server d. ip helper-address
d. ip helper-address
an interface that manages traffic from multiple VLANs is known by what term? a. egress port b. trunk port c. access port d. aggregation port
b. trunk port
by default, when sing classful addressing, how many bits exist in the host portion of a class A IPv4 address? a. 24 b. 16 c. 32 d. 8
a. 24
At what layer of the OSI model does the IPSec encryption protocol operate? a. network layer b. physical layer c. transport layer d. application layer
a. network layer
with VTP, where is the VLAN database stored? a. on the switch that as configured as the trunk root b. on the switch known as the stack master c. on the designated VLAN server for the network d. on the router responsible for maintaining the VTP database
b. on the switch known as the stack master
which of the following statements regarding IPv6 subnetting is NOT accurate? a. IPv6 addressing uses no classes, and is therefore classless b. the largest IPv6 subnet capable of being created is a /64 c. a single IPv6 subnet is capable of supplying 18,446,774,073,709,551,616 IPv6 addresses d. IPv6 does not use subnet masks
b. the largest IPv6 subnet capable of being created is a /64
which statement regarding the use of a bridged mode vNIC is accurate? a. the vNIC will only be able to communicate across the bridge to the host PC b. the vNIC will use its own IP address on the physical LAN c. the vNIC will be assigned a NAT-ed IP address d. the vNIC will utilize the host PC's IP address
b. the vNIC will use its own IP address on the physical LAN
a network with 10 bits remaining for the host portion will have how many usable host addresses? a. 510 b. 4192 c. 1022 d. 2046
c. 1022 1024 - 2 (network ID and broadcast address)
What IEEE standard specifies how VLAN information appears in frames and how switches interpret that information? a. 802.1c b. 802.1d c. 802.1Q d. 802.1v
c. 802.1Q
amazon and rackspace both utilize what virtualization software below to create their cloud environments? a. oracle VirtualBox b. VMware vSphere c. Citrix Xen d. Parallels
c. Citrix Xen
which of the following virtualization products is an example of a bare-metal hypervisor? a. linux KVM b. VMware player c. Citrix XenServer d. VirtualBox
c. Citrix XenServer
what command will set the native VLAN on a juniper switch port? a. switchport trunk native vlan b. config native vlan c. set native-vlan-id d. switchport set native vlan
c. set native-vlan-id
in order to generate a public and private key for use with SSH, what command line utility would you use? a. ssh-newkey b. gpg --ssh c. ssh-keygen d. key-generate
c. ssh-keygen
VMware Player and Linux KVM are both examples of what type of hypervisor? a. type 1 hypervisor b. bare metal hypervisor c. type 2 hypervisor d. barebones hypevisor
c. type 2 hypervisor
subtracting an interesting octet value from 256 yields what number? a. network ID b. magic number c. host ID d. subnet ID
b. magic number
what is NOT a potential disadvantage of utilizing virtualization? a. virtualization software increases the complexity of backups, making creation of usable backups difficult b. increased complexity and administrative burden can result from the use of virtual machines c. multiple virtual machines contending for finite resources can compromise performance d. licensing costs can be high due to every instance of commercial software requiring a separate license
a. virtualization software increases the complexity of backups, making creation of usable backups difficult
on a Cisco switch, what would be the security association identifier (SAID) for the VLAN 13? a. 1000130 b. 100013 c. 5013 d. 1013
b. 100013
what does the VLAN Trunk Protocol (VTP) do? a. shares trunking information amongst switches that participate b. is the protcol that defines how VLAN tagging is accomplished in an Ethernet network c. is protocol used by a trunk port for establishing a trunk with another switch d. shares VLAN database information amongst switches that particiapte
d. shares VLAN database information amongst switches that particiapte (called the Stack Master)_
on an IPv6 address, what do the first 4 blocks or 64 bits of the address represent? a. the broadcast domain for configured host ID b. the MAC address of the router assigning the host ID c. usable host portion of the network d. the site prefix or global routing prefix
d. the site prefix or global routing prefix
which file transfer protocol has no authentication or security for transferring files, uses UDP, and requires very little memory to use? a. secure FTP (SFTP) b. file transfer protocol (FTP) c. FTP secure (FTPS) d. trivial FTP (TFTP)
d. trivial FTP (TFTP)
When using public and private keys to connect to an SSH server from a linux device, where must your public key be placed before you can connect? a. in an authorization file on the host where the SSH server is b. in the /etc/ssh/keys folder c. in the /var/run/ssh/public folder d. in an authorization file under your home directory on your computer
a. in an authorization file on the host where the SSH server is
The combination of a public key and a private key is known as a ____. a. key pair b. key tie c. key set d. key team
a. key pair
if the EUI-64 standard is used, what part of an IPv6 address is affected? a. the last four blocks of the address b. all blocks of the address are affected c. the middle four blocks of the address d. the first four blocks of the address
a. the last four blocks of the address
when is it appropriate to utilize the NAT network connection type? a. whenever the VM does not need to be accessed at a known address by other network nodes b. only if the VM is intended for VM-to-host communications c. only when the VM requires an IP address on the physical LAN d. only if the VM does not need to communicate with the host PC
a. whenever the VM does not need to be accessed at a known address by other network nodes
how many /64 subnets can be created within a /56 prefix? a. 1024 b. 256 c. 2048 d. 512
b. 256
how large is the 802.1Q tag that is added to an Ethernet frame when using VLANs? a. 8 bytes b. 4 bytes c. 20 bytes d. 12 bytes
b. 4 bytes
what statement regarding the SSH (secure shell) collection of protocols is accurate? a. SSH provides a graphical view of the remote computer b. SSH supports port forwarding c. SSh does not protect against IP spoofing d. SSH does not protect against DNS spoofing
b. SSH supports port forwarding
What cloud service model involves providing applications through an online user interface, providing for compatibility with a multitude of different operating systems and devices? a. PaaS b. SaaS c. XaaS d. IaaS
b. SaaS
which statement regarding IKEv2 tunneling protocol is accurate? a. it is based on technology developed by Cisco and standardized by IETF b. it offers fast throughput and good stability when moving between wireless hotspots c. it is an older, layer 2 protocol developed by Microsoft that encapsulates VPn data frames d. it is an open source VPN protocol that utilizes OpenSSL for encryption
b. it offers fast throughput and good stability when moving between wireless hotspots
why is the telnet utility a poor choice for remote access to a device? a. it cannot be used over a public WAN connection b. it provides poor authentication and no encryption c. it does not allow for control of a computer remotely d. it provides no mechanism for authentication
b. it provides poor authentication and no encryption
a vSwitch (virtual switch) or bridge is a logically defined device that operates at what layer of the OSI model? a. layer 1 b. layer 2 c. layer 4 d. layer 7
b. layer 2
The use of certificate authorities to associate public keys with certain users is known as ____. a. certified infrastructure b. public-key infrastructure c. public-key organization d. symmetric identification
b. public-key infrastructure
you are working on a Cisco switch and need to learn what VLANs exist on the switch. Which command will list the current VLANs recognized by the switch? a. get vlans b. show vlan c. list switch-vlans d. show vlandb
b. show vlan
what subnet mask can be used to segment the 172.16.0.0 network to allow for a minimum of 6 subnets while maximizing the number of hosts per subnet? a. 255.255.128.0 b. 255.255.192.0 c. 255.255.224.0 d. 255.255.248.0
c. 255.255.224.0
a subnet of 255.255.248.0 can be represented by what CIDR notation? a. /20 b. /29 c. /18 d. /21
d. /21
given a host IP address of 172.16.1.154 and subnet mask of 255.255.254.0, what is the network ID for this host? a. 172.16.2.0 b. 172.16.1.0 c. 172.0.0.0 d. 172.16.0.0
d. 172.16.0.0 - use logical ANDing with subnet mask and IP address, with both converted to binary
an IP address of 192.168.18.73/28 has what network ID? a. 192.168.18.32 b. 192.168.16.0 c. 192.168.18.0 d. 192.168.18.64
d. 192.168.18.64 - use logical ANDing with IP address and subnet mask