Net+ pt4

Ace your homework & exams now with Quizwiz!

Which IEEE standard specifies how VLAN information appears in frames and how switches interpret that information?

802.1Q

What type of scenario would be best served by using a Platform as a Service (PaaS) cloud model?

A group of developers needs access to multiple operating systems and the runtime libraries that the OS provides.

A single switch can support traffic belonging to several VLANs across the network, thanks to the technique known as porting.

False

A virtual firewall is merely an application, like Windows Firewall.

False

FTPS (FTP Security or FTP Secure) and SFTP (Secure FTP) are two names for the same protocol.

False

In public key encryption, data is encrypted with a private key known only to the user, and decrypted with a mathematically related public key that can be made available through a third-party source.

True

True or False: A network administrator might separate traffic in order to enhance security.

True

True or False: There are no IPv6 equivalents to IPv4 Class A, Class B, or Class C networks.

True

VMLA allows subnets to be further subdivided into smaller and smaller groupings until each subnet is about the same size as the necessary IP address space.

True

When a hacker attempts to perform a VLAN hopping attack, two approaches likely to be used include double tagging or switch spoofing.

True

In which networking mode, can VMs on one host exchange data with each other and with their host, but they cannot communicate with any nodes beyond the host?

host-only

CIDR notation takes the network ID or a host’s IP address and follows it with a symbol followed by the number of bits used for the network ID. Which symbol is used?

/

A subnet of 255.255.248.0 can be represented by what CIDR notation?

/21

You have been tasked with the creation and design of a network that must support a minimum of 5000 hosts. Which network accomplishes this goal?

10.3.0.0/19

On a Cisco switch, what would the security association identifier be for VLAN 13?

100013

A network with 10 bits remaining for the host portion will have how many usable host addresses?

1022

Given a host IP address of 172.16.1.154 and a subnet mask of 255.255.254.0, what is the network ID for this host?

172.16.0.0

An IP address of 192.168.18.73/28 has what network ID?

192.168.18.64

By default, when using classful addressing, how many bits exist in the host portion of a Class A address?

24

What subnet mask can be used to segment the 172.16.0.0 network to allow for a minimum of 6 subnets while maximizing the number of hosts per subnet?

255.255.224.0

A network with a CIDR notation of /26 would have what subnet mask?

255.255.255.192

How many /64 subnets can be created within a /56 prefix?

256

Which of the following is NOT a task that a VPN concentrator is responsible for?

A VPN concentrator shuts down established connections with malicious traffic occurs.

In an IPv6 address, what do the first four blocks or 64 bits of the address represent?

The site prefix or global routing prefix.

Which statement regarding the use of a bridged mode vNIC is accurate?

The vNIC will its own IP address on the physical LAN.

All types of remote access techniques connecting to a network require at least one of the two different types of remote access services, either dedicated devices or software running on a server.

True

An enterprise-wide VPN can include elements of both the client-to-site and site-to-site models.

True

By default, the native VLAN is the same as the default VLAN.

True

IPv6 addressing does not utilize classful addressing, therefore every IPv6 address is classless.

True

In ANDing, a bit with a value of 1 combined, or anded, with another bit with a value of 1 results in a 1. A bit with a value of 0 anded with any other bit results in a 0.

True

In order to identify the transmissions that belong to each VLAN, a switch will add a tag to Ethernet frames that identifies the port through which they arrive at the switch.

True

Managed switches can be configured via a command-line interface or a web-based management GUI, and sometimes can be configured in groups.

True

Network segmentation at Layer 2 of the OSI model is accomplished using VLANs.

True

Office 365 is an example of an SaaS implementation with a subscription model.

True

PAP (Point-to-Access Protocol) is a Data Link layer protocol that directly connects two WAN endpoints.

True

PPP can support several types of Network layer protocols that might use the connection.

True

Some of the features that all cloud services usually have in common include on-demand, metered, and elastic.

True

The Virtual Network Computing (VNC) application uses the cross-platform remote frame buffer (RFB) protocol.

True

True or False: A VLAN groups ports on a Layer 2 switch so that some of the local traffic on the switch is forced to go through a router.

True

Amazon and Rackspace both utilize what virtualization software below to create their cloud environments?

Citrix Xen

Which of the following virtualization products is an example of a bare-metal hypervisor?

Citrix XenServer

What special enterprise VPN supported by Cisco devices creates VPN tunnels between branch locations as needed rather than requiring constant, static tunnels?

Dynamic Multipoint VPN

The PPP headers and trailers used to create a PPP frame that encapsulates Network layer packets vary between 8 and 10 bytes in size due to what field?

FCS

A Type 2 hypervisor installs on a computer before any OS, and is therefore called a bare-metal hypervisor.

False

A native VLAN is typically preconfigured on a switch and initially includes all the switch's ports. A default VLAN receives all untagged frames from untagged ports.

False

A native VLAN mismatch occurs when two access ports that are connected to each other are both tagging traffic with different VLAN IDs.

False

After L2TP establishing a VPN tunnel, GRE is used to transmit L2TP data frames through the tunnel.

False

All that is needed to provide communication between two VLANs is a DHCP relay agent.

False

An unmanaged switch can still support the creation of VLANs, provided there is an interface for configuration.

False

In 1993, the IETF devised a shorthand method for identifying network and host bits in an IP address called DCI.

False

Network segmentation decreases both performance and security on a network.

False

Only Class B and Class C networks can be subnetted.

False

The HTTPS (HTTP Secure) protocol utilizes the same TCP port as HTTP, port 80.

False

True or False: An unmanaged switch can be configured via a command-line interface or a web-based GUI.

False

True or False: SSH provides little security for establishing a connection and no security for transmitting data.

False

True or False: Subnet masks are only used in IPv4 classful addressing.

False

True or False: VMs that must be available at a specific address, such as mail servers or Web servers, should be assigned host-only network connections.

False

A centrally managed DHCP server can provide DHCP assignments to multiple subnets with the help of which of the following?

DHCP relay agent

Which statement regarding the IKEv2 tunneling protocol is accurate?

IKEv2 offers fast throughput and good stability when moving between wireless hotspots.

What security encryption protocol requires regular re-establishment of a connection and can be used with any type of TCP/IP transmission?

IPsec

In which cloud computing service model are hardware services provided virtually, including network infrastructure devices such as virtual servers?

IaaS

Which type of cloud service model involves hardware services that are provided virtually, including network infrastructure devices such as virtual servers?

IaaS

When an 802.1Q tag is added to an Ethernet frame, where is it placed?

It is inserted between the source address and the Ethernet type field.

VMware Player and Linux KVM are both examples of what type of hypervisor?

Type 2 hypervisor

When dealing with a Cisco switch, what is NOT one of the pre-established VLANs?

VLAN 1001

Some common configuration errors that can occur when configuring VLANs include all of the following EXCEPT

VLAN separation

Regarding VNC (Virtual Network Computing or Virtual Network Connection), what statement is accurate?

VNC is open source, allowing companies to develop their own software based on VNC.

At what layer of the OSI model does the IPsec encryption protocol operate?

Network layer

With VTP, where is the VLAN database stored?

On the switch that is known as the stack master.

Which of the following cloud deployment models would the Internet be considered as an example?

Public

What statement regarding the SSH (Secure Shell) collection of protocols is accurate?

SSH supports port forwarding

What cloud service model involves providing applications through an online user interface, providing for compatibility with a multitude of different operating systems and devices?

SaaS

What is NOT one of the ways in which networks are commonly segmented?

by device manufacturer

Which type of protocol allows the client and server to introduce themselves to each other and establish terms for how they will exchange data?

handshake

On certain Cisco products, what command can be used to create and send helper messages that support several types of UDP traffic, including DHCP, TFTP, DNS, and TACACS+?

ip helper-address

The combination of a public key and a private key are known by what term below?

key pair

When deploying cloud services, some of the deployment models you might encounter include all of the following EXCEPT

limited cloud

Subtracting an interesting octet value from 256 yields what number?

magic number

Which of the following types of VLANs receives all untagged frames from untagged ports?

native VLAN

What term is used to describe a space that is rented at a data center facility by a service provider?

point of presence (PoP)

To protect data at rest, in use, and in motion, the CIA triad used to evaluate encryption methods are primarily evaluated by three benchmarks including all of the following EXCEPT

privacy

An interface that manages traffic from multiple VLANs is known by what term?

trunk port

In order to generate a public and private key for use with SSH, what command line utility should you use?

ssh-keygen

To identify the transmissions that belong to each VLAN, the switch adds which of the following to Ethernet frames?

tag

How large is the 802.1Q tag that is added to an Ethernet frame when using VLANs?

4 bytes

What is the maximum number of host IP addresses that can exist in a Class B network?

65,534

How many subnets can a /48 site prefix support?

65,536 subnets

What IEEE standard specifies how VLAN information appears in frames and how switches interpret that information?

802.1Q

When using IPv6, what would a /64 network likely be assigned to?

A smaller organization or business.

When using public and private keys to connect to an SSH server from a Linux device, where must your public key be placed before you can connect?

In an authorization file on the host where the SSH server is.

Why is the telnet utility a poor choice for remote access to a device?

It provides poor authentication and no encryption.

What does the VLAN Trunk Protocol (VTP) do?

It shares VLAN database information amongst switches that participate.

By default, what network connection type is selected when creating a VM in VMware, VirtualBox, or KVM?

NAT mode

What open-source VPN protocol utilizes OpenSSL for encryption and has the ability to possibly cross firewalls where IPsec might be blocked?

OpenVPN

Which of the following statements regarding the Point-to-Point (PPP) protocol is NOT accurate?

PPP can support strong encryption, such as AH or ESP.

Which of the following is an older, Layer 2 protocol developed by Microsoft that encapsulates VPN data frames?

PPTP

In a software defined network, what is responsible for controlling the flow of data?

SDN controller

Which of the following statements regarding IPv6 subnetting is NOT accurate?

The largest IPv6 subnet capable of being created is a /64.

If the EUI-64 standard is used, what part of an IPv6 address is affected?

The last four blocks of the address.

Which file transfer protocol has no authentication or security for transferring files, uses UDP, and requires very little memory to use?

Trivial FTP (TFTP)

A /24 CIDR block is equivalent to a 255.255.255.0 subnet mask.

True

A centrally managed DHCP server can provide DHCP assignments to multiple subnets (and VLANs) with the help of a DHCP relay agent.

True

A community cloud is a service shared between multiple organizations, but not available publicly.

True

When using a site-to-site VPN, what type of device sits at the edge of the LAN and establishes the connection between sites?

VPN gateway

What is NOT a potential disadvantage of utilizing virtualization?

Virtualization software increases the complexity of backups, making creation of usable backups difficult.

When is it appropriate to utilize the NAT network connection type?

Whenever the VM does not need to be access at a known address by other network nodes.

Which of the following terms best describe a small file containing verified identification information about the user and the users public key?

digital certificate

You are working on a Cisco switch and need to learn what VLANs exist on the switch. Which command will list the current VLANs recognized by the switch?

show vlan

The use of certificate authorities to associate public keys with certain users is known by what term?

public-key infrastructure

Which of the following terms is commonly used to describe a VLAN configuration in which one router connects to a switch that supports multiple VLANs?

router-on-a-stick

What command will set the native VLAN on a Juniper switch port?

set native-vlan-id

A _____ is a logically defined device that operates at the Data Link layer to pass frames between the nodes.

virtual switch

Which of the following suggestions can help prevent VLAN hopping attacks on a network?

Disable auto trunking and move native VLANs to unused VLANs.

A vSwitch (virtual switch) or bridge is a logically defined device that operates at what layer of the OSI model?

Layer 2

Data encrypted for use with an IPsec connection may utilize either AH (authentication header) encryption or ESP (Encapsulating Security Payload) encryption.

True

Digital certificates are issued, maintained, and validated by an organization called a certificate authority (CA).

True

Because public key encryption requires the use of two different keys, it is also known as which type of encryption?

asymmetric Also called asymmetric key cryptography. In most instances, each person publishes one key publicly. Parties who wish to communicate with that person will then use that public key to encrypt the data that they wish to transmit. Each person/party has two keys. •Public key which is published and can be accessed by anyone. •Private key, also known as the secret key, that is kept confidential. The two keys are mathematically related. •Information encrypted with the public key can be decrypted only with the private key.


Related study sets

Ch 22 Neuro and Mental Status Assessment PrepU

View Set

Patho HESI practice quiz kfoley29

View Set

Α.Ο.Θ_ΜΙΚΡΟ - τύποι & σύμβολα

View Set

Physics II - Turning Point Questions Exam 2

View Set

What age is the best to be happy?

View Set