MIS 3317 Chapter 9
26) Which of the following IPv4 addresses would be used for Internet transmission? A) 10.x.x.x B) 128.171.x.x C) both A and B D) neither A nor B
B) 128.171.x.x
12) If the subnet ID in an IPv6 address is 32 bits, how long is the routing prefix? A) 16 bits B) 32 bits C) 64 bits D) none of the above
B) 32 bits
32) ________ is a general naming system for the Internet. A) NAT B) DNS C) DHCP D) Dotted decimal notation
B) DNS
80) Which has stronger security? A) SSL/TLS B) IPsec C) Both have about equal security.
B) IPsec
21) In NAT, the ________ creates new external source IP addresses and port numbers. A) router B) firewall C) source host D) destination host
B) firewall
36) Which is a type of top-level domain? A) generic TLD B) specific TLD C) both A and B D) neither A nor B
B) specific TLD
11) What field in an IPv6 global unicast address corresponds to the subnet part of an IPv4 address? A) global routing prefix B) subnet ID C) interface ID D) none of the above
B) subnet ID
61) Ping is for ________ messages. A) error advisory B) supervisory C) both A and B
B) supervisory
34) ".com" is a ________. A) root domain B) top-level domain C) second-level domain D) none of the above
B) top-level domain
35) ".edu" is a ________. A) root domain B) top-level domain C) second-level domain D) none of the above
B) top-level domain
66) Which protects more of the original IP packet? A) transport mode B) tunnel mode C) Both provide the same protection to the IP packet.
B) tunnel mode
8) Your firm has a 22-bit network part and a 6-bit subnet part. How many hosts can you have per subnet? A) 6 B) 8 C) 14 D) none of the above
C) 14
40) A company has a domain name. What else must it have before it can make a website available to the public? A) a DNS server to host its domain name B) the website itself C) both A and B D) neither A nor B
C) both A and B
1) If your subnet part is 8 bits long, you can have ________ subnets. A) 64 B) 128 C) 256 D) 254
D) 254
5) Your firm has an 8-bit network part. If you need at least 200 subnets, what must your subnet part size be? A) 5 B) 6 C) 7 D) 8
D) 8
27) For an internal client to use NAT to communicate with an external webserver, the client must be configured to do so.
FALSE
28) NAT is transparent to all applications.
FALSE
79) Options for major cryptographic methods are sometimes unacceptably weak and must be prohibited.
TRUE
60) ICMP is used for ________. A) error messages B) configuration messages C) routing messages D) none of the above
A) error messages
25) Which of the following is a private IP address range? A) 10.x.x.x B) 128.171.x.x C) both A and B D) neither A nor B
A) 10.x.x.x
42) The DNS ________ record is for the host name's ________ address A) A; IPv4 B) A; IPv6 C) AAAA; IPv4 D) none of the above
A) A; IPv4
65) Which of the following is more widely used? A) ESP B) AH C) Both are about equally widely used
A) ESP
17) The IEEE calls a 64-bit interface addresses that it designed a(n) ________ address. A) Extended Unique Identifier-64 B) Interface ID C) MAC address D) IP address
A) Extended Unique Identifier-64
51) Good security is an enabler if a company wishes to use SNMP ________ commands. A) Get B) Set C) Trap D) Reset
A) Get
76) The SA is negotiated in the ________. A) IKE phase B) IPsec protection phase C) AES phase D) none of the above
A) IKE phase
53) ________ is an interior dynamic routing protocol. A) OSPF B) BGP C) both A and B D) neither A nor B
A) OSPF
81) Which is less expensive to implement? A) SSL/TLS B) IPsec C) Both cost about the same to implement.
A) SSL/TLS
23) NAT ________. A) allows a firm to have more internal IP addresses B) reduces cost C) both A and B D) neither A nor B
A) allows a firm to have more internal IP addresses
62) Pinging is to send ICMP ________ messages to the target host. A) echo request B) error advisement C) ping D) echo
A) echo request
71) In tunnel mode, ESP fields surround an IPv4 packet's ________. A) entire length B) header C) data field D) none of the above
A) entire length
54) A company is free to select whatever ________ dynamic routing protocol it wishes. A) interior B) exterior C) both A and B D) neither A nor B
A) interior
57) A company is free to select its ________. A) interior dynamic routing protocol B) exterior dynamic routing protocol C) both A and B D) neither A nor B
A) interior dynamic routing protocol
10) The routing prefix in IPv6 is like the ________ part in an IPv4 address. A) network B) subnet C) host D) both A and B
A) network
47) Which of the following would be an SNMP object? A) number of rows in routing table B) a managed switch C) both A and B D) neither A nor B
A) number of rows in routing table
24) NAT enhances security by ________. A) preventing sniffers from learning internal IP addresses B) encryption C) both A and B D) neither A nor B
A) preventing sniffers from learning internal IP addresses
38) The highest-level DNS servers are called ________. A) root servers B) top-level domain servers C) both A and B D) neither A nor B
A) root servers
52) Dynamic ________ protocols allow routers to transmit routing table information to one another. A) routing B) transport C) synchronization D) none of the above
A) routing
45) An advantage of using DHCP to configure clients is that ________. A) the configuration information will be up-to-date B) the configuration will be done securely C) both A and B D) neither A nor B
A) the configuration information will be up-to-date
43) The DNS ________ record is for the host name's ________ address A) AAAA; IPv4 B) AAAA; IPv6 C) both A and B D) neither A nor B
B) AAAA; IPv6
55) Which of the following can route non-IP packets? A) OSPF B) EIGRP C) both A and B D) neither A nor B
B) EIGRP
68) In remote access VPNs, IPsec has an ________ at the corporate site. A) IPsec firewall B) IPsec gateway C) IPsec proxy server D) IPsec endpoint
B) IPsec gateway
77) SA protections are applied in the ________. A) IKE phase B) IPsec protection C) AES D) none of the above
B) IPsec protection
20) ________ is the process of presenting external IP addresses that are different from internal IP addresses used within the firm. A) DNS B) NAT C) DHCP D) none of the above
B) NAT
50) In SNMP, companies are often reluctant to use ________ commands because of security dangers. A) Get B) Set C) Trap D) Request
B) Set
46) In SNMP, the manager communicates directly with a(n) ________. A) managed device B) agent C) object D) access point
B) agent
64) IPsec protects ________ layer content. A) data link B) application C) both A and B D) neither A nor B
B) application
3) Your subnet part is 8 bits long. How many hosts can you have per subnet? A) 8 B) 14 C) 254 D) none of the above
C) 254
6) You have a 20-bit network part and a 4-bit subnet part. How many hosts can you have per subnet? A) 15 B) 16 C) 254 D) none of the above
C) 254
7) Your firm has a 22-bit network part. What subnet part would you select to give at least 10 subnets? A) 2 bits B) 3 bits C) 4 bits D) none of the above
C) 4 bits
14) If your routing prefix is 16 bits, how long is your subnet ID? A) 16 bits B) 32 bits C) 48 bits D) not possible to caculate
C) 48 bits
16) In an IPv6 global unicast address, the interface ID is ________ bits long. A) 8 B) 16 C) 64 D) Its size varies.
C) 64
4) In IP subnet planning, you need to have at least 130 subnets. How large should your subnet part be? A) 6 B) 7 C) 8
C) 8
75) The first stage of IPsec uses the ________ protocol. A) SSL/TLS B) AES C) IKE D) SHA
C) IKE
78) SAs in two directions ________. A) are always the same B) are always different C) are sometimes different
C) are sometimes different
13) In a large company, you want ________. A) as big a routing prefix as you can have B) a medium-size routing prefix C) as small a routing prefix as you can have D) The size of the routing prefix is of no importance.
C) as small a routing prefix as you can have
29) If your local DNS server does not know the host name of an IP address, it will get the address from a(n) ________. A) root DNS server B) proxy DNS server C) authoritative DNS server D) none of the above
C) authoritative DNS server
22) NAT ________. A) allows a firm to have more internal IP addresses B) provides some security C) both A and B D) neither A nor B
C) both A and B
31) The domain name system ________. A) is a way to find a host's IP addresses if your computer only knows the host's host name B) is a general naming system for the Internet C) both A and B D) neither A nor B
C) both A and B
44) A DHCP server provides a client with ________. A) one or more IP addresses for it to use B) the IP address of one or more DNS servers C) both A and B D) neither A nor B
C) both A and B
48) Which of the following would be an SNMP object? A) number of rows in routing table B) system uptime (since last reboot) C) both A and B D) neither A nor B
C) both A and B
67) IPsec is used for ________ VPNs. A) remote-access B) site-to-site C) both A and B D) neither A nor B
C) both A and B
73) SLAs define ________. A) cryptographic methods B) cryptographic options C) both A and B D) neither A nor B
C) both A and B
70) In transport mode, ESP fields surround an IPv4 packet's ________. A) entire length B) header C) data field D) none of the above
C) data field
18) A step in creating an EUI-64 is dividing a 48-bit MAC address in half and inserting ________ in the center. A) the interface ID B) the subnet ID C) fffe D) 0000
C) fffe
9) Which is NOT one of the three parts of a public IPv6 unicast address? A) subnet ID B) routing prefix C) host part D) All of the above are parts in a public IPv6 unicast address.
C) host part
59) In the Border Gateway Protocol, "gateway" means ________. A) firewall B) switch C) router D) none of the above
C) router
19) Convert the following EUI-48 address to a modified EUI-64 address: AA-00-00-FF-FF-00. A) aa00:ff:feff:ff0 B) ae00:ff:feff:ff0 C) aa00:00ff:feff:ff0 D) ae00:00ff:feff:ff0
D) ae00:00ff:feff:ff0
69) Which of the following is used in ESP? A) ESP header B) ESP trailer C) Integrity check value D) all of the above
D) all of the above
33) In DNS, a group of resources under the control of an organization is called a ________. A) network B) subnet C) scope D) domain
D) domain
58) The almost-universal exterior dynamic routing protocol is ________. A) EIGRP B) OSPF C) both A and B D) neither A nor B
D) neither A nor B
2) If your subnet part is 7 bits long, how many subnets can you have? A) 128 B) 256 C) 512 D) none of the above
D) none of the above
72) In IPv6, ESP protects the IP packet's_____. A) entire length B) payload C) header D) none of the above
D) none of the above
74) In IPsec, agreements about how security will be done are called ________. A) tranches B) security contracts C) service-level agreements D) security associations
D) security associations
30) If the local DNS server does not know an IP address and must contact a remote DNS server, which DNS server will return the response to the client? A) the local DNS server B) the remote DNS server C) either A or B D) No IP address will be returned to the client.
A) the local DNS server
63) What security concern do ICMP echo request messages and echo response messages bring? A) attackers can disable the other host B) attackers can learn that the other host's IP address is in use C) attackers can change the other host's IP address D) all of the above.
B) attackers can learn that the other host's IP address is in use
39) Companies get second-level domains from ________. A) the IETF B) domain registrars C) the Internet Society D) the United States Government
B) domain registrars
15) The part of an IPv6 global unicast address that designates the host is called the ________. A) host part B) interface ID C) routing prefix D) none of the above
B) interface ID
41) For a particular domain name, a DNS server will have ________. A) a single record B) multiple records C) two records—one for IPv4 and one for IPv6. D) all of the above
B) multiple records
37) Corporations wish to have ________ domain names. A) top-level B) second-level C) third-level D) none of the above
B) second-level
56) You need to use EIGRP if ________. A) you have TCP/IP traffic exclusively B) some of your traffic is TCP/IP traffic C) both A and B
B) some of your traffic is TCP/IP traffic
49) Which of the following would be an SNMP interface object? A) number of rows in routing table B) whether the interface is undergoing testing C) both A and B D) neither A nor B
B) whether the interface is undergoing testing
