TestOut Network Pro 14.1 Optimization
Which Class of Service (CoS) priority value should be assigned to a video conference call?
4 - A priority value of 4 should be assigned to the video data stream. Each CoS priority value goes with a specific traffic type: 0 - Best effort (default) 1 - Background 2 - Excellent effort 3 - Critical applications 4 - Video (< 100ms latency) 5 - Voice (< 10ms latency) 6 - Internetwork control 7 - Network control
Which of the following components do switches use to optimize network performance by performing switching operations in hardware rather than using the CPU and software?
An application-specific integrated circuit - Switches use specialized hardware called an application-specific integrated circuit (ASIC), which performs switching functions in hardware rather than using the CPU and software. ASIC allows switches to perform the switching function at wire speed. Caching engines store frequently accessed content for faster access. Content is retrieved from the local network instead of the internet. Ethernet bonding creates two or more physical connections to the same network by bonding NICs or switch ports together. Ethernet bonding provides increased performance and some fault tolerance. A traffic shaper (also called a bandwidth shaper) is a device that's capable of modifying the flow of data through a network. This happens in response to network traffic conditions.
Match the Class of Service (CoS) priority on the left with its corresponding value on the right.
Class of Service (CoS) marks individual frames with a priority value between 0 and 7: 0 - Background 1 - Best effort 2 - Excellent effort 3 - Critical applications 4 - Video (< 100ms latency) 5 - Voice (< 10ms latency) 6 - Internetwork control 7 - Network control
Which of the following statements about DSCP are true? (Select two.)
Classification occurs at Layer 3. It uses the DiffServ field to add precedence values. - The Differentiated Services Code Point (DSCP) classification system has the following characteristics: Classification occurs at Layer 3. Precedence values are inserted in an IP packet's DiffServ field. Up to 64 different classifications are possible, but most networks use only the following ones:Default Best EffortExpedited Forwarding (EF) - low loss, low latencyAssured Forwarding (AF) - assured delivery under prescribed conditionsClass Selector - maintains backward compatibility with the IP Precedence field
Your organization uses a time-keeping application that only runs on Windows 2000 and does not run on newer OS versions. Because of this, there are several Windows 2000 workstations on your network. Last week, you noticed unusual activity on your network coming from the workstations. After further examination, you discover that they were victims of a malicious attack and were being used to infiltrate the network. You find out that the attackers were able to gain access to the workstations because of the legacy operating system being used. Your organization still needs to use the Windows 2000 workstations (which need to be connected to the internet) but you want to make sure that the network is protected from future attacks. Which solution should you implement to protect the network while also allowing operations to continue as normal?
Configure VLAN membership so that the Windows 2000 workstations are on their own VLAN. - The best solution is to place the Windows 2000 workstations in their own VLAN. If you use VLAN network segmentation, the workstations will still have access to the internet, but network access can be heavily restricted. This greatly reduces the damage a workstation can cause if it were to become compromised again. Legacy operating systems, such as Windows 2000, are easy targets for attackers. This is because these operating systems use outdated protocols and have known exploits. Installing antivirus software or a host-based firewall would do very little to protect the entire network. In addition, legacy operating system are no longer supported with updates or patches, so enabling automatic updates would offer no benefit. Creating a dedicated network for the workstations would affect normal operations and also increase the network management load.
You have a website that uses multiple servers for different types of transactions. For example, one server is responsible for static web content, while another is responsible for secure transactions. You would like to implement a device to speed up access to your web content. The device should be able to distribute requests between the various web servers using specialized hardware, not just software configurations. In addition, SSL sessions should use the hardware components in the device to create the sessions. Which type of device should you use to accomplish this?
Content switch - Use a content switch to perform these functions. Switches use specialized hardware modules to perform common tasks. For example, you can have a switch with a special hardware module that's used for SSL connections. Using the hardware module in a specialized switch is faster than using the CPU or software in another device. A bandwidth shaper (also called a traffic shaper) is a device that's capable of modifying the flow of data through a network. This happens in response to network traffic conditions. A proxy server is a server that sits between a client and a destination device and can be configured to filter requests based on URL. However, a proxy server uses software and not hardware to perform these tasks. A circuit-level gateway uses the session information to make filtering decisions for allowed or denied traffic.
A web server on your network hosts your company's public website. You want to make sure that an NIC failure doesn't prevent the website from being accessible on the internet. Which solution should you implement?
Ethernet bonding - Ethernet bonding (also called NIC teaming) logically groups two or more physical connections to the same network. If one NIC fails, the second one with a connection to the same network can still be used. Spanning Tree is a protocol on a switch that allows it to maintain multiple paths between other switches within a subnet. A traffic shaper (also called a bandwidth shaper) is a device that's capable of modifying the flow of data through a network. This happens in response to network traffic conditions. Quality of Service (QoS) refers to a set of mechanisms that try to guarantee timely delivery or minimal delay of important or time-sensitive communications.
What is the purpose of using Ethernet bonding? (Select two.)
Increases network performance. Provides a failover solution for network adapters. - In a true fault-tolerant strategy, you must consider all the system components. Ethernet bonding (also called adapter teaming) is a fault-tolerant strategy that uses multiple network adapters configured as a failover solution. In the event of a NIC failure, other adapters automatically provide link redundancy. Multiple adapters can also increase performance by distributing the network load.
Which type of switch optimizes network performance by using ASIC to perform switching at wire speed?
Multilayer switch - A multilayer switch uses specialized hardware called an application-specific integrated circuit (ASIC) to perform switching functions in hardware rather than using the CPU and software. ASIC allows switches to perform the switching function at wire speed. Layer 2 switches use the CPU and software to forward frames. Unmanaged switches are also called Layer 2 switches. A Layer 1 switch is another name for a hub, which does not perform any traffic inspection. Rather, the switch sends out received packets on all ports.
You are in the process of implementing a network access protection (NAP) infrastructure to increase your network's security. You are currently configuring the remediation network that non-compliant clients will connect to in order to become compliant. You need to isolate the remediation network from the secure network. Which technology should you implement to accomplish this task?
Network segmentation - Implementing network segmentation would isolate the remediation server from the rest of the network while still allowing the remediation server to contact the NAP infrastructure. A virtual private network (VPN) creates a secure connection between two hosts or two sites over an unsecured network. Encrypting data transmissions using PKI would only protect transmitted data, not isolate the remediation network. Port security identifies allowed and denied devices that connect to a switch port. Doing this would not isolate the remediation network.
