Networking + 4
Which parameter can be used with the ping command to send a constant stream of packets when using a Windows device? -f -p /all -g -t
-t
Which permission needs to be assigned to a user to be able to connect to a VPN connection? Network Administrator permissions VPN permissions Network Access permissions Local administrator permissions
Network Access permissions
Which of the following utilities uses ICMP echo requests to trace the path from one networked node to another, identifying all intermediate hops between the two nodes? tcpdump tracert arp netstat
tracert
HTTP and HTTPS are TCP-based protocols. Which of the following ports do they use? 443 and 514 25 and 80 80 and 81 80 and 443
80 and 443
You are the network administrator for Jungle Technologies, and you have to create a data stream within an application that will mark a certain section of the data stream to be more urgent than the normal stream. In which of the following fields of TCP segment will you specify this information? Urgent pointer Checksum Source port Acknowledgment number
Urgent pointer
Which of the following uses the cross-platform protocol RFB (remote frame buffer) to remotely control a workstation? RDP Telnet VNC SSH
VNC ( virtual network computing )
What protocol must be allowed through a firewall for tracert to work correctly? a. ICMP b. SSH c. TLS d. NDP
a. ICMP The Windows tracert utility sends an ICMP (Internet Control Message Protocol) echo request to the destination node and listens for an ICMP echo reply from that node.
Which remote file access protocol is an extension of SSH? a. SFTP b. HTTPS c. TFTP d. FTPS
a. SFTP
You need to determine which device on your network is sending excessive messages to your Ubuntu Server. Which utility will give you this information? a. tcpdump b. arp c. traceroute d. netstat
a. tcpdump he tcpdump utility captures traffic that crosses a computer's network interface, which can then be analyzed to determine which devices are transmitting traffic across each interface. The traceroute utility traces the path from one networked node to another, identifying all intermediate hops between the two nodes. The netstat utility displays TCP/IP statistics and details about TCP/IP components and connections on a host. This ARP utility, accessed via the arp command in both Windows and Linux, provides a way of obtaining information from and manipulating a device's ARP table.
Which of these protocols does not include some kind of integrity check field in its header? a. IPv4 b. IPv6 c. TCP d. ICMP
b. IPv6 IPv6 does not include its own checksum field. Instead, IPv6 requires that the transport layer header (TCP or UDP) include a checksum field. IPv4 and ICMP both include a checksum field as well, either for the header or for the entire packet.
What is one advantage offered by VDI over RDS and VNC? a. Supports remote access to mobile devices b. Offers access to multiple OSs in VMs c. Provides open source flexibility d. Allows multiple users to sign in at once
b. Offers access to multiple OSs in VMs VDI (virtual desktop infrastructure)
What is the Internet standard MTU? a. 1,522 bytes b. 65,535 bytes c. 1,500 bytes d. 9,198 bytes
c. 1,500 bytes
Which protocol's header includes the source MAC address? a. TCP b. UDP c. Ethernet d. IP
c. Ethernet Mac sublayer (data link layer) ID's the two macs. The Physical layer adds them to the payload
Which command must be used on a Linux device to determine the IP configuration of the eth0 network interface? [Choose all that apply] ip address show eth0 ifconfig eth0 ifconfig ipconfig /all ifconfig /all
ifconfig eth0 ip address show eth0
Which encryption protocol does GRE use to increase the security of its transmissions? a. SSH b. SFTP c. IPsec d. SSL
c. IPsec
Which permission allows a user access to a resource but not resources? Username Password Authentication Authorization
Authentication
While configuring a new VPN client, which Role service needs to be installed for the Remote Access role on a Windows server? Direct Access and VPN (RAS) .Net Framework 4.5 Web Application Proxy Routing
Direct Access and VPN (RAS)
What is the arp -a command used for on a Windows device? Displays address resolution table for the device Displays the DNS configuration for the device Displays the IP configuration for the device Resolves IP addresses to hostname Displays the local routing table for the device
Displays address resolution table for the device
You have been appointed as the network administrator of an ISP. Your first project requires you to develop a protocol that can transmit IP and other kinds of messages through a tunnel so that you can connect two VPN endpoints. Which of the following will you choose in this scenario? L2TP GRE OpenVPN IKEv2
GRE
Which two protocols manage neighbor discovery processes on IPv4 networks? a. NDP and Ethernet b. IPv4 and IPv6 c. TCP and UDP d. ICMP and ARP
ICMP and ARP
What is the combination of a public key and a private key known as? Private key encryption IPsec Key pair Public key encryption
Key pair
You work as a network administrator in a domain environment. You have a new firewall and need to configure it. You are asked to create web filtering and firewall rules based on domain groups. Which of the following protocol will you use to integrate your firewall directly with Active Directory? OpenLDAP LDAP FTP RADIUS RDP
LDAP
One of the users in your organization has just re-installed the operating system on his system. He notices that the email software can be accessed after the reinstallation, but all the old emails have disappeared. What could be the cause of this problem? SMTP was used on the mail client software IMAPS was used on the mail client software IMAP was used on the mail client software POP3 was used on the mail client software SMTPS was used on the mail client software
POP3 was used on the mail client software (email is downloaded to client) (IMAP manages emails on a server)
You, as a network administrator, want to open up a port that will allow you to send data using the file transfer protocol. However, the files you wish to transfer are boot files. Which of the following ports will you open up to carry out this operation? Port 20 Port 22 Port 69 Port 989
Port 69
To be able to remotely manage a Windows device securely, which of the following protocols can be used? RDP SSH RDG VPN
RDP
Rodriguez has been hired as a network administrator by MJF Tires to create an IPsec suite wherein a definitive set of rules are laid down for encryption, authentication, and key management of TCP/IP transmissions. After accessing the basic network traffic, Rodriguez wants to create a secure channel so that the IP packet's data payload can be authenticated through public key techniques. Analyze which of the following steps Rodriguez must complete after establishing a secure channel. Use IPsec initiation for completion Use the IKE to establish security parameters Use ISAKMP for managing keys Renegotiate and reestablish the connection before the current session gets timed out
Renegotiate and reestablish the connection before the current session gets timed out
You work as a network administrator and are responsible for configuring network firewalls, routers and switches. You have configured rules between the user and server VLANs. You received a request from your development team to create a new rule that allows port TCP 1433 to the database server. Based on the port number, which database is installed on the server. MySQL SQL PostgreSQL OrientDB Oracle
SQL
Which of the following fields in a TCP segment identifies the data segment's position in the stream of data segments being sent? Reserved Sequence number Source port Acknowledgment number
Sequence number
Mr. Yoda is a network engineer who has been working on setting up a data delivery service. While creating the TCP segment for this purpose, the network administrator has requested Mr. Yoda to set up a command requesting a synchronization of the sequence numbers between two nodes so that it can indicate to the receiving node that there is no payload attached to the data packet. Analyze which of the following statements will best fit the situation for Mr. Yoda. Set the RST to 1 byte in the flag segment of the TCP segment Set the PSH to 1 byte in the flag segment of the TCP segment Set the SYN to 1 byte in the flag segment of the TCP segment Set the FIN to 1 byte in the flag segment of the TCP segment
Set the SYN to 1 byte in the flag segment of the TCP segment
Which of the following connection methods can be used to connect a company's offices which are located in different geographical areas? RDP SSH Client-to-Site VPN Site-to-Site VPN
Site-to-Site VPN
When executing the tracert 192.168.0.10 command, what can be determined from the output? The MAC address for the specified IP address The default gateway for the local device The DNS name for the specific IP address The route it will take to reach the destination IP address
The route it will take to reach the destination IP address
What transport protocol/ports do DNS and DHCP use? UDP 53 / TCP 67 and 68 TCP 161 / TCP 67 UDP 53 / UDP 67 and 68 UDP 161 / UDP 67
UDP 53 / UDP 67 and 68
Which remote file access protocol uses port 22? a. FTP b. FTPS c. TFTP d. SFTP
d. SFTP Unlike FTP (File Transfer Protocol) or FTPS (FTP Secure), which use a control channel on port 21 and one or two data channels on port 20, SFTP (Secure FTP) uses only a single connection—both inbound and outbound communications are usually configured to cross SSH's port 22. TFTP (Trivial FTP) listens at port 69.
You need to remote into a Linux server in another building on your network. Which of the following protocols should you use? a. SFTP b. VPN c. RDP d. SSH
d. SSH
Which of the following command can be used to display the local routing table for a Windows device? dig route print route add nslookup ipconfig
route print
You have been hired as a security professional for a firm, and you would like to analyze the traffic that crosses the computer's network interface. Which of the following command-line interfaces will help you in achieving this? netstat ping nmap tcpdump
tcpdump (netstat - displays tcip stats ) (ping - sends echo to a source and waits for response) (nmap - maps network)
Which two components of the CIA triad are ensured by adequate encryption methods? Choose two. a. Availability b. Accountability c. Confidentiality d. Integrity
c. Confidentiality d. Integrity confidentiality - can only be viewed by intended recipient integrity - Data not modified in route availability - data available when needed
Which protocol's header would a layer 4 device read and process? a. HTTP b. IP c. TCP d. ARP
c. TCP
Which IPsec encryption type encrypts the IP header? a. ISAKMP b. AH c. IKE d. ESP
d. ESP IPsec (internet protocol security) - encryption protocol Either AH (authentication header) encryption or ESP (Encapsulating Security Payload) encryption may be used in IPsec. Both types of encryption provide authentication of the IP packet's data payload through public key techniques. In addition, ESP encrypts the entire IP packet, including the IP header.
An ARP table maps MAC addresses to what information? a. Physical interfaces b. IPv6 addresses c. TCP or UDP ports d. IPv4 addresses
d. IPv4 addresses
Which encryption benchmark ensures data is not modified after it's transmitted and before it's received? a. Confidentiality b. Symmetric c. Availability d. Integrity
d. Integrity
At which OSI layer does IP operate? a. Data link layer b. Application layer c. Transport layer d. Network layer
d. Network layer
You're working from home and need to access a file server at the office while working in an application from your work desktop. At the same time, you often stream music in your browser. Which VPN type will be most efficient while still meeting your needs? a. Site-to-site VPN b. Full tunnel VPN c. Host-to-host VPN d. Split tunnel VPN
d. Split tunnel VPN A split tunnel VPN will only capture traffic destined for the corporate network, such as communication with the file server and the work desktop, and the client can use local network resources to stream music from the Internet, which will result in lower latency and will use fewer corporate network resources. A full tunnel VPN captures all network traffic, whether destined for the Internet or for the corporate network. A host-to-host VPN creates a VPN tunnel directly between two devices and would not provide access to other resources, such as music streaming. A site-to-site VPN connects multiple sites across a WAN and requires more expensive equipment than a client-to-site VPN for the split tunnel configuration.
You're getting a duplicate IP address error on your computer and need to figure out what other device on your network is using the IP address 192.168.1.56. What command will show you which MAC address is mapped to that IP address? a. netstat -n b. telnet 192.168.1.56 c. tracert 192.168.1.56 d. arp -a
d. arp -a