14.3.9

Ace your homework & exams now with Quizwiz!

You have a company network with a single switch. All devices connect to the network through the switch. You want to control which devices will be able to connect to your network. For devices that do not have the latest operating system patches, you want to prevent access to all network devices except for a special server that holds the patches that the computers need to download. Which of the following components will be part of your solution? (Select two.)

1) Remediation servers 2) 802.1x authentication

Match the port security MAC address type on the left with its description on the right

A MAC address manually identified as an allowed address. SecureConfigured A MAC address that has been learned and allowed by the switch. SecureDynamic A MAC address that is manually configured or dynamically learned that is saved in the config file. SecureSticky

You are the network administrator for a city library. Throughout the library, there are several groups of computers that provide public access to the internet. Supervision of these computers has been difficult. You've had problems with patrons bringing personal laptops into the library and disconnecting the network cables from the library computers to connect their laptops to the internet. The library computers are in groups of four. Each group of four computers is connected to a hub that is connected to the library network through an access port on a switch. You want to restrict access to the network so only the library computers are permitted connectivity to the internet. What can you do to fix this problem?

Configure port security on the switch.

A network switch detects a DHCP frame on the LAN that appears to have come from a DHCP server that is not located on the local network. In fact, it appears to have originated from outside the organization's firewall. As a result, the switch drops the DHCP message from that server. Which security feature was enabled on the switch to accomplish this?

DHCP snooping

Which of the following actions should you take to reduce the attack surface of a server?

Disable unused services.

A network switch is configured to perform the following validation checks on its ports: • All ARP requests and responses are intercepted. • Each intercepted request is verified to ensure Each intercepted request is verified to ensure that it has a valid IP that it has a valid IP--toto--MAC address binding. MAC address binding. • If the packet has a valid binding, the switch forwards the packet to the appropriate destination. • If the packet has an invalid binding, the switch drops the ARP packet. Which security feature was enabled on the switch to accomplish this task?

Dynamic ARP Inspection

Match the network Access Protection (NAP) component on the left with is description on the right.

Generates a statement of health (SoH) that reports the client configuration for health requirements. NAP client Runs the System Health Validator (SHV) program. NAP server Is clients' connection point to the network. Enforcement server (ES) Contain resources accessible to noncompliant computers on the limited access network. Remediation server

Members of the sales team use laptops to connect to the company network. While traveling, they connect their laptops to the internet through airport and hotel networks. You are concerned that these computers will pick up viruses that could spread to your private network. You would like to implement a solution that prevents the laptops from connecting to your network unless anti-virus software and the latest operating system patches have been installed. Which solution should you use?

NAC

You manage a network that uses switches. In the lobby of your building are three RJ45 ports connected to a switch. You want to make sure that visitors cannot plug in their computers into the free network jacks and connect to the network, but you want employees who plug into those same jacks should be able to connect to the network. What feature should you configure?

Port authentication

Which type of security uses MAC addresses to identity devices that are allowed or denied a connection to a switch?

Port security

A network utilizes a network access control (NAC) solution to protect against malware. When a wired or wireless host tries to connect to the network, a NAC agent on the host checks it to make sure it has all of the latest operating system updates installed and that the latest antivirus definitions have been applied. What is this process called?

Posture assessment

Your company is a small start-up that has leased office space in a building shared by other businesses. All businesses share a common network infrastructure. A single switch connects all devices in the building to the router that provides internet access. You would like to make sure that your computers are isolated from computers used by other companies. Which feature should you request to have implemented?

VLAN

In which of the following situations would you use port security?

You want to restrict the devices that could connect through a switch port


Related study sets

Weather Proverbs/ Farmer's Almanac,Abdul

View Set

What is this? مَا هَذَا؟ مَا هَذِهِ؟

View Set

Sole - Chapter 12: Shock, Sepsis, and Multiple Organ Dysfunction Syndrome

View Set

Ch. 21 Respiratory Care Modalities

View Set

Nurs 211 Chapter 16: Outcome Identification and Planning

View Set

ABA: Business Analysis Planning and Monitoring

View Set

Quiz 3: The great Depression & new deal

View Set