Network+ Review Questions Sec. 8-12

What is a digital signature? A) A hashed web page B) An encrypted web page C) A hash of an encrypted data chunk that sender and receiver both have D) A web page that has been hashed with a private key

A hash of an encrypted data chunk that sender and receiver both have. A digital signature starts by encrypting a data chunk with a private key. The results are hashed and sent to a receiver. The receiver performs the same operation on the same data chunk but uses the public key and compares the results

A tech has just installed a new SOHO router for a client. Which security task should the tech perform first? A) Change the administrator name and password B) Disable port forwarding C) Disable the DHCP server D) Enable MAC address cloning

A) Change the administrator name and password

What is the role of port numbers in IP headers? A) Port numbers identify the sending and receiving processes between two hosts B) Port numbers identify which interfaces on a router should receive data in which interfaces forward data out C) Port numbers identify which connectors on a switch that should receive data in and which should forward data out D) Port numbers identify the path of routers between any two hosts that need to communicate with each other

A) Port numbers identify the sending and receiving processes between two hosts

Which of the following is a not an element of a route metric? A) MTU B) Hop distance C) Cost D) Bandwidth

B) Hop distance

Which of the following is not a characteristic of the OSPF routing protocol? A) OSPF is a link state protocol B) OSPF is a distance vector protocol C) OSPF routers are grouped into areas D) OSPF routers in an area elect a designated router and a backup designated router

B) OSPF is a distance vector protocol

What is the job of a router? A) To assign IP addresses to hosts on the network B) To connect networks with different network IDs C) To map IP addresses against MAC addresses D) To allow outside hosts to initiate contact with hosts on the LAN side of a network

B) To connect networks with different network IDs

Which of the following is not a characteristic of the RIP routing protocol? A) RIP is a distance vector protocol B) RIP is an interior gateway protocol C) RIP supports a maximum hop count of 127 hops D) The primary metric of RIP is hop count

C) RIP supports a maximum hop count of 127 hops

In what folder is the HOSTS file located in a Windows computer? A) C:\etc B) C:\Windows\System32\Drivers\etc C) C:\Windows\etc D) C:\Windows\System32\etc

C:\Windows\System32\Drivers\etc In a Windows-based computer, the HOSTS file is found in the C:\Windows\System32\Drivers\etc folder.

Which of the following is not a common certificate error or warning? A) Certificate is on the Certificate Relocation List (CRL) B) Self-signed Certificate C) Expired Certificate D) Certificate not valid for the site

Certificate is on the Certificate Relocation List (CRL) The CRL is the Certificate Revocation List, not the Certificate Relocation List.

Which port on a switch is used to manage the switch? A) Rollover port B) Console port C) Yost port D) Layer-three port

Console port Managed switches may be managed by a standard data port if in-band management is supported, but sophisticated switches use a console port.

Which feature of a SOHO router is not typically found in an enterprise router? A) Two or more router interfaces B) Graphical or textual management interface C) Each interface in the router must be configured D) Built in switch

D) Built in switch

Which of the following is not a characteristic of the BGP routing protocol? A) BGP is a hybrid of distance vector and link state routing protocols B) BGP is broken up into divisions called Autonomous Systems (AS) C) The primary job of BP is to route between ASes D) OSPF is the primary routing protocol between ASes

D) OSPF is the primary routing protocol between ASes

Port forwarding allows which of the following? A) Public Addresses to be assigned to the LAN side of a NAT router B) One host on the LAN side of a NAT router to be assigned with the same public address of the router's WAN interface C) Registers a LAN side host with a portable DNS address D) Outside access to hosts on the LAN side of a NAT router

D) Outside access to hosts on the LAN side of a NAT router

Which statement is not true of static routes? A) Routers can have static routes B) Hosts can have static routes C) Static routes are entered manually and must be manually changed by a human D) Static routes are entered manually but can be automatically changed by the router

D) Static routes are entered manually but can be automatically changed by the router

What is the job of DDNS? A) DDNS allows a local device to randomly change its DNS name B) DDNS rotates the IP address of a local device C) DDNS tracks IP address changes of a local device and updates DNS to reflect those changes D) DDNS prevents the IP address of a local device from being changed

DDNS tracks IP address changes of a local device and updates DNS to reflect those changes. The changes are propagated to a DDNS service which sends the changes to the appropriate DNS servers throughout the Internet.

What is the primary purpose of netstat? A) Captures frames and packets for later review B) Shows your computer's connection(s) to any web server(s) C) Graphical utility that charts amount of network data entering and leaving a host D) Displays all connections to and from a host computer

Displays all connections to and from a host computer, Netstat is a command line utility that shows a computer's network connections.

What does port mirroring accomplish? A) Enables inbound and outbound traffic from switch ports to be duplicated at the mirrored port B) Doubles switch-port bandwidth by a bonding a specified port to the mirrored port C) Redirects any inbound traffic to the mirrored port to another, specified port D) Redirects any outbound traffic from the mirrored port to a host with a specific IP address

Enables inbound and outbound traffic from switch ports to be duplicated at the mirrored port

Which of the following is not a network service problem? A) Duplicate IP address in DHCP scope B) Not enough IP addresses in the DHCP scope C) Overlong DHCP lease protocols D) Exclusions in the DHCP scope

Exclusions in the DHCP scope.

Which of the following is not a network information or troubleshooting utility? A) tracert B) pathping C) FTP D) Bandwidth tester

FTP is a file transfer application, not a testing application.

FTP uses TCP port 20 and TCP port 21. Which choice describes how the ports are used? A) FTP servers listen for commands on port 20 and respond with data on port 21 B) FTP servers listen for commands on port 21 and respond with data on port 20 C) FTP clients send requests on port 21 and receive data on port 21 D) FTP clients send requests on port 20 and receive data on port 20

FTP servers listen for commands on port 21 and respond with data on port 20. Active FTP servers receive commands on port 21 and respond with data on port 20.

Which statement is not true of a forward proxy? A) Forward proxy servers are connected in-line between the front-end router and the LAN and they do not require hosts to be configured B) Forward proxy servers function between the local network and the front-end router C) Forward proxy servers are application-specific D) Hosts must be configured to access the forward proxy server

Forward proxy servers are connected in-line between the front-end router and the LAN and they do not require hosts to be configured

In terms of network security, what is the purpose of hashing? A) Hash is a great side dish with eggs B) Hashing encrypts data C) Hashes are used to verify data integrity D) Hashing decrypts data that was encrypted by hashing

Hashing verifies data integrity by generating unique a value for a given chunk of data.

Ping uses which IP layer protocol? A) ICMP B) ARP C) RIP D) FTP

ICMP

Which statement is true of IPS and IDS systems? A) Passive IDS is the same as IPS B) IPS responds to threats with a notification to a specified staff C) IPS detects then attempts to defend against a threat D) Passive IPS is the same as IDS

IPS detects then attempts to defend against a threat Intrusion Prevention System (IPS) identifies a threat and attempts to prevent it. Passive Intrusion Detection System (IDS) is an old term that means IDS. IPS does not monitor and issue notifications - IPS actively detects and performs its own action to prevent a detected threat.

Which statement is true of inter-VLAN routing? A) InterVLAN routing calls for connecting each VLAN to a port on a router so that data can pass between the VLANs B) Inter-VLAN routing is implemented within switches to enable communication between VLANs C) Inter-VLAN routing encrypts and decrypts traffic between VLANs D) Inter-VLAN routing enabling remote VLANs to connect over a public network, such as the Internet

Inter-VLAN routing is implemented within switches to enable communication between VLANs

A website just changed its IP address and a user is unable to reach it by typing the site's domain name into their browser. What command can the user run to make the computer learn the website's new IP address? A) Ipconfig/updatednscache B) Ipconfig/flushdns C) Ipconfig/all D) Ipconfig/dnsupdate

Ipconfig/flushdns will clear the DNS cache and force the computer to perform a fresh DNS lookup to get the current IP address of a domain name host.

What is the Cisco protocol to perform port bonding? A) LACP B) HSRP C) CARP D) Inter-VLAN Routing

LACP Link Aggregation Control Protocol is a Cisco protocol to bind multiple switch ports into a single, load-distributed channel. HSRP is the Hot Standby Router Protocol.

What statement is true of a NAT router? A) NAT routers replace the source IP address with its own IP adresses B) NAT routers allow public addresses to exist on the LAN side of the router C) All hosts on the LAN side of the router are assigned the same IP address as the public address in the router D) The NAT function is performed at the ISP facility

NAT routers replace the source IP address with its own IP address.

Which is the default port for NTP? A) 321 B) 123 C) 132 D) 231

NTP uses port 123.

The primary command-line tool to troubleshoot Windows naming issues is what? A) Nbtstat B) Netstat C) Ipconfig D) Net

Nbtstat provides information about the netbios naming service that runs in some Windows-based computers.

What command will assign a drive letter to a network share? A) Net assign B) Net drive C) Net share D) Net use

Net use The net use command assigns a drive letter in the local computer to a shared folder in another computer.

When securing IP networks, developers focus on several key principles. Which of the following is NOT one of those principles? A) Performance B) Confidentiality C) Integrity D) Availablity

Performance is important to IP networks but is not a core tenet of securing the network.

Which would be the best solution to make an encrypted tunnel using SSH? A) Recode an unencrypted tunneling program to support SSH encryption B) Piggyback an existing tunnel program onto SSH C) Set up a tunnel using PPTP D) Set up a tunnel using L2TP/Ipsec

Piggyback an existing tunnel program onto SSH. The only option here that meets the criteria of the question is to piggyback a VPN session over an SSH connection.

What does QoS provide? A) Higher performance of selected traffic B) Blocking of specified traffic types C) Redirection of low priority traffic to slower router interfaces D) Prioritized throughput of different traffic types

Prioritized throughput of different traffic types QoS enables the prioritization of different traffic types with bandwidth approaches a connection's maximum capacity.

Which choice is not true about protocol analyzers such as WireShark? A) Protocol analyzers can capture packets and frames B) Protocol analyzers can show the contents of packets and frame C) Protocol analyzers can filter the contents of packets frames D) Protocol analyzers can generate packets and frames

Protocol analyzers can generate packets and frames, they can only capture and display them.

Which of the following is a secure email protocol? A) STMP B) STLS C) POP D) IMAP

STLS, Start Transport Layer Security (STLS) is the current approach to running secure email protocols.

Which is the BEST device to dole out requests to duplicate servers to ease congestion? A) DNS Server B) Round Robin Server C) Server Side Load Balancer D) Clusterer

Server Side Load Balancer

When operating multiple, duplicate servers such as web servers, which method is best to take advantage of the full power of all of the servers? A) HSRP B) DNS Server C) Round Robin Server D) Server Side Load Balancer

Server Side Load Balancer A load balancer evenly distributes requests across multiple servers so they all provide roughly equal services.

Which of the following is not an authentication factor? A) Something you are B) Something you can do C) Something you know D) Something you have

Something you can do. Modern authentication systems cannot evaluate an action so something you can do is not an authentication factor.

Which characteristic is true of TCP? A) TCP is connectionless B) The TCP three-way handshake begins with a SYN message, followed by an ACK response followed by an ACK SYN message C) TCP uses the FIN message to close a connection D) TCP uses the END message to close a connection

TCP uses the FIN message to close a connection

True or false: Most SOHO routers come with NAT enabled?

TRUE - It can be disabled and/or enabled in one of the router's administration settings.

Which choice describes a significant difference between Telnet and SSH? A) Telnet is an Internet Telephony protocol, SSH is a Secure Sharing protocol B) Telnet runs on a client, SSH runs on a server C) Telnet runs on a server, SSH runs on a client D) Telnet is unencrypted, SSH is encrypted

Telnet is unencrypted, SSH is encrypted. Telnet runs on TCP port 23 and is an unencrypted terminal emulation application that runs on both a client and a server. SSH runs on TCP port 22 and is an encrypted terminal emulation application that runs on both a client and a server.

Which statement is true of VLANs? A) VLANs enable remote stations to connect to the LAN from across the internet B) VLANs break up broadcast domains into multiple, smaller broadcast domains C) VLANs use SSH tunnels for cross-VLAN traffic D) VLANs can only be implemented on specified ports on a router

VLANs break up broadcast domains into multiple, smaller broadcast domains