Data Communications and Networks Final

Subnetting operates at Layer _____ while VLANs function at Layer _____ .

Layer 3, Layer 2

At what layer of the OSI model do proxy servers operate?

Layer 7

Leading up to the year 2000, many people expected computer systems the world over to fail when clocks turned the date to January 1, 2000. What type of threat was this?

Logic Bomb

What file must be accessed in order to analyze SNMP logs?

MIB (Management Information Base)

On which networking device do you configure VLANs?

Managed Switches

Which VLAN is designed to support administrative access to networking devices?

Management VLAN

A company wants to have its employees sign a document that details some project-related information that should not be discussed outside the project's team members. What type of document should they use?

NDA

Which VLAN on a switch manages untagged frames?

Native VLAN

When you arrive at work one morning, your inbox is full of messages complaining of a network slowdown. You collect a capture from your network monitor. What can you compare it to in order to determine what has changed?

Network Baseline

_____ in SONET are analogous to the of _____ T-carriers.

OC Levels, Digital Signal Levels

What are two types of virtual circuits?

PVC (Permanent Virtual Circuit) and SVC (Switched Virtual Circuit)

What type of adapters are required on servers in an FCoE storage network?

Converged Network Adapters (CNA)

Which of the following features of a network connection between a switch and server is not improved by link aggregation?

Speed

What device must be installed on a DSL network to protect the sound quality of phone calls?

Splitter

What are the two main categories of UPSes?

Standby and Online

What method does a GSM network use to separate data on a channel?

TDMA

Which ISDN channel carries signaling information?

The Bearer channel (or B channel)

While troubleshooting a recurring problem on your network, you will want to examine the TCP messages being exchanged between a server and a client. Which tool should you use?

WireShark

Which formulas can be used to calculate the magic number? Choose two.

a. 256 - the interesting octet d. 2^h

While designing your network's VLAN topology, your team has decided to use a centrally managed DHCP server rather than creating a separate DHCP server for each VLAN. What software will you need in order to make the central DHCP server accessible across VLANs?

a. DHCP relay agent

What do well-chosen subnets accomplish? IP address spaces overlap for easier management..

a. Network documentation is easier to manage.

What is the least number of bits you would need to borrow from the network portion of a Class B subnet mask to get at least 130 hosts per subnet?

b. Eight

How many bits of a Class A IP address are used for host information?

c. 24 bits

Which hexadecimal block in an IPv6 address is used for the Subnet ID?

c. The fourth one

Which of the following is not a good reason to segment a network?

c. To increase the number of networking devices on a network

What is the formula for determining the number of possible hosts on a network?

d. 2^h - 2 = Z

Which IEEE standard determines how VLANs work on a network?

d. 802.1Q

What characteristic of ARP makes it particularly vulnerable to being used in a DoS attack?

· It performs no authentication

What type of scanning might identify that Telnet is running on a server?

· Port scanning

Only one exists on a network using STP.

· Root bridge

Which form of SHA was developed by private designers?

· SHA-3

What unique characteristic of zero-day exploits make them so dangerous?

· The vulnerability is exploited before the software developer has the opportunity to provide a solution for it or before the user applies the published solution

What kind of ticket is held by Kerberos's TGS?

· Tickets that grant access to a network service once a client has been authenticated by the authentication server (AS) · Ticket-Granting ticket (TGT)

Why do network administrators create domain groups to manage user security privileges?

· To assign appropriate permissions for each group and to prevent access to network resources that are not needed

Why is a BPDU filter needed at the demarc?

· To prevent the ISP's WAN topology from mixing with the corporate network's topology for the purpose of plotting STP paths · Disable STP on specific ports

Which of the following features is common to both an NGFW and traditional firewalls?

· User authentication

Where does an MPLS label go in a PDU?

Between Layers 2 and 3

What is the maximum capacity of a T1 line?

1.544 Mbps

Suppose your company has leased one Class C license, 120.10.10.0, and wants to sublease the first half of these IP addresses to another company. What is the CIDR notation for the subnet to be subleased? What is the subnet mask for this network?

120.10.10.0/25 255.255.255.128

What is the network ID with CIDR notation for the IP address 172.16.32.108 whose subnet mask is 255.255.255.0?

172.16.32.108/24

How many channels are in an ISDN PRI connection?

23B+D

How large is an ATM cell?

53 bytes

What information is typically included in a Layer 1 frame?

A start symbol or short preamble, a length field, the Layer 2 payload, and possibly a marker to end the frame

Accounting What feature of Windows Server allows for agentless authentication?

AD (Active Directory)

Which of the following is not one of the three AAA services provided by RADIUS and TACACS+?

Access Control

What two types of modulation does DSL use to carry data?

Amplitude and Phase Modulation

What is the primary goal of disaster recovery?

Business continuity

Why might organizations be willing to take on the risk of BYOD?

Cheaper for organizations to implement and tend to improve efficiency and morale for employees and students

What kind of network is the PSTN?

Circuit Switched

Which QoS technique operates at Layer 2 to more efficiently route Ethernet traffic between VLANs?

CoS (Class of Service)

Which type of disaster recovery site contains all the equipment you would need to get up and running again after a disaster, and yet would require several weeks to implement?

Cold Site

What area of a network can provide less stringent security so a web server is more accessible from the open Internet?

DMZ (Demilitarized Zone)

A spoofed DNS record spreads to other DNS servers. What is this attack called?

DNS Poisoning

What specifications define the standards for cable broadband?

DOCSIS

Which type of DoS attack orchestrates an attack using uninfected computers?

DRDoS (Distributed Reflection DoS) attack

Which of these attacks is a form of Wi-Fi DoS attack?

Deauthentication Attack

An organization can lease a private _____ that is not shared with other users, or a _____ that can be physically configured over shared lines in the carrier's cloud.

Dedicated Line, Virtual Circuit

Which fields are modified in IPv4 and IPv6 packets to help prioritize traffic for QoS?

DiffServ for IPv4 and Traffic Class for IPv6

What field in an IPv4 packet is altered to prioritize video streaming traffic over web surfing traffic?

Diffserv

What kinds of alerts can you program your network monitor to send to IT staff when it detects specific, problematic conditions?

Email, text (SMS), or new support tickets

What are three examples of Layer 2 LAN or PAN standards that also function at Layer 1?

Ethernet, USB, Wi-Fi

What type of network combines fiber with coax?

HFC (Hybrid Fiber Coaxil)

Why might you want to install two power supplies in a critical server?

If one power supply fails, the other can take over: redundancy

A former employee discovers six months after he starts work at a new company that his account credentials still give him access to his old company's servers. He demonstrates his access to several friends to brag about his cleverness and talk badly about the company. What kind of attack is this?

Insider Threat

What protocol is most often used to bond ports between a switch and a busy server?

LACP (Link Aggregation Control Protocol)

Active Directory and 389 Directory Server are both compatible with which directory access protocol?

LDAP

What is the lowest layer of the OSI model at which LANs and WANs support the same protocols?

Layer 3

What kind of attack simulation detects vulnerabilities and attempts to exploit them?

Penetration Testing

A company accidentally sends a newsletter with a mistyped website address. The address points to a website that has been spoofed by hackers in order to collect information from people who make the same typo. What kind of attack is this?

Phishing

What port do SNMP agents listen on?

Port 161

What are the four phases in the social engineering attack cycle?

Research, Building Trust, Exploit, Exit

Which protocol can provide VoIP services over a Metro Ethernet connection?

SIP (Session Initiation Protocol)

What command requests the next record in an SNMP log?

SNMP Get Next

Which of the following is considered a secure protocol?

SSH

What kind of device can monitor a connection at the demarc but cannot interpret data?

Smart Jack

One of your coworkers downloaded several, very large video files for a special project she's working on for a new client. When you run your network monitor later this afternoon, what list will your coworker's computer likely show up on?

Top Listener

Your roommate has been hogging the bandwidth on your router lately. What feature should you configure on the router to limit the amount of bandwidth his computer can utilize at any one time?

Traffic Shaping

Which DSL standard has the fastest speeds immediately outside the CO?

VDSL

An attacker configures a VLAN frame with two tags instead of just one. The first tag directs the frame to the authorized VLAN. After the frame enters the first VLAN, the switch appropriately removes the tag, then discovers the next tag, and sends the frame along to a protected VLAN, which the attacker is not authorized to access. What kind of attack is this?

VLAN Hopping

Which IP addressing technique subnets a subnet to create subnets of various sizes?

VLSM (Variable Length Subnet Mask )

What is the difference between a vulnerability and an exploit?

Vulnerability is a weakness of a system, process, or architecture that could lead to compromised information or unauthorized access to a network Exploit is the act of taking advantage of a vulnerability

Your organization has just approved a special budget for a network security upgrade. What procedure should you conduct in order to make recommendations for the upgrade priorities?

d. Posture assessment

Which port mode on a switch enables that port to manage traffic for multiple VLANs?

d. Trunk

Which Cisco command lists configured VLANs on a switch?

show VLAN

What software might be installed on a device in order to authenticate it to the network?

· Agent

What's the essential difference between an IPS and an IDS?

· An IDS can only detect and log suspicious activity. An ISP can react when alerted to such activity

Which NGFW feature allows a network admin to restrict traffic generated by a specific game?

· Application awareness

What are the two primary features that give proxy servers an advantage over NAT?

· Content filtering , file caching

What kind of firewall blocks traffic based on application data contained within the packets?

· Content-filtering firewall

A neighbor hacks into your secured wireless network on a regular basis, but you didn't give him the password. What loophole was most likely left open?

· Default password was not changed

Any traffic that is not explicitly permitted in the ACL is, which is called the .

· Denied, implicit deny rule

List five subtypes of DoS attacks.

· Distributed DoS, Distributed Reflection DoS, Amplified DoS, Permanent DoS, and Friendly DoS

Give an example of biometric detection.

· Face recognition on an iphone

What causes most firewall failures?

· Firewall misconfiguration

What kinds of issues might indicate a misconfigured ACL?

· When troubleshooting problems with performance between two hosts · or when some applications or ports can make the connection while others cant · Connectivity and performance issues between two hosts in which some applications or ports can make the connection while others cant

EAPoL is primarily used with what kind of transmission?

· Wireless LANs

Which of the following ACL commands would permit web-browsing traffic from any IP address to any IP address?

· access-list acl_2 permit http any any

Which command on an Arista switch would require an SNMP notification when too many devices try to connect to a port?

· switchport port-security