Networking Chapter 7 - 9

Ace your homework & exams now with Quizwiz!

If the EUI-64 standard is used, what part of an IPv6 address is affected?

The last four blocks of the address.

In an IPv6 address, what do the first four blocks or 64 bits of the address represent?

The site prefix or global routing prefix.

Which statement regarding the use of a bridged mode vNIC is accurate?

The vNIC will its own IP address on the physical LAN.

Which FTP has no authentication or security for transferring files, uses UDP, and requires very little MEM to use?

Trivial FTP (TFTP)

2. The day after Patch Tuesday is informally dubbed Exploit Wednesday.

True

3. increases in file sizes & error messages w/no cause are both potential symptoms of a viral infection.

True

4. The term malware is derived from a combination of the words malicious and software.

True

5. A drop ceiling could be used by an intruder to gain access to a secured room.

True

6. Over a long-distance connection, using SSH keys is more secure than using passwords.

True

7. A long, string of words, is more secure than a random series of letters, #s, and symbols shortened

True

8. A hacker, in the original sense of the word, is someone with technical skill and malicious intent.

True

A /24 CIDR block is equivalent to a 255.255.255.0 subnet mask.

True

A community cloud is a service shared between multiple organizations, but not available publicly.

True

A native VLAN mismatch occurs when 2 access ports connected to each other are both tagging traffic w/ diff. VLAN IDs

True

An enterprise-wide VPN can include elements of both the client-to-site and site-to-site models.

True

Digital certificates are issued, maintained, and validated by an organization called a certificate authority (CA).

True

IPv6 addressing does not utilize classful addressing, therefore every IPv6 address is classless.

True

Office 365 is an example of an SaaS implementation with a subscription model.

True

PPP can support several types of Network layer protocols that might use the connection.

True

The Virtual Network Computing (VNC) application uses the cross-platform remote frame buffer (RFB) protocol.

True

To identify the transmissions to each VLAN, a switch adds a tag to Ethernet frames that identify the port of arrival

True

VMware Player and Linux KVM are both examples of what type of hypervisor?

Type 2 hypervisor

When dealing with a Cisco switch, what is NOT one of the pre-established VLANs?

VLAN 1001

Regarding VNC (Virtual Network Computing or Virtual Network Connection), what statement is accurate?

VNC is open source, allowing companies to develop their own software based

When using a site-to-site VPN, what type of device sits at the edge of the LAN and establishes the connection between sites

VPN gateway

What is NOT a potential disadvantage of utilizing virtualization?

Virtual sftwre increases the complexity of bkups. Usable bkups difficult

When is it appropriate to utilize the NAT network connection type?

Whenever the VM does not need to be access at a known address by other networks

What type of scenario would be best served by using a Platform as a Service (PaaS) cloud model?

developers need 2 access multiple OS's and the runtime libr -OS Provides

Re: Cisco>>> what command can be used to create and send helper messages that support types of UDP

ip helper-address

Subtracting an interesting octet value from 256 yields what number?

magic number

11. Which of the following scenarios would necessitate the use of a non-disclosure agreement?

needs to prevent a new co. from sharing info

What term is used to describe a space that is rented at a data center facility by a service provider?

point of presence (PoP)

The use of certificate authorities to associate public keys with certain users is known by what term?

public-key infrastructure

Which of the following terms is commonly used to describe a VLAN configuration in which one router connects to a switch

router-on-a-stick

What command will set the native VLAN on a Juniper switch port?

set native-vlan-id

You are working on a Cisco switch and need to learn what VLANs exist on the switch. Which command will list the current

show vlan

In order to generate a public and private key for use with SSH, what command line utility should you use?

ssh-keygen

12. How is a posture assessment performed on an organization?

test performed to determine how it may be compromised

Network segmentation at Layer 2 of the OSI model is accomplished using VLANs.

true

An interface that manages traffic from multiple VLANs is known by what term?

trunk port

Given a host IP address of 172.16.1.154 and a subnet mask of 255.255.254.0, what is the network ID for this host?

172.16.0.0

An IP address of 192.168.18.73/28 has what network ID?

192.168.18.64

By default, when using classful addressing, how many bits exist in the host portion of a Class A address?

24

What subnet mask can be used to segment the 172.16.0.0 network to allow for a minimum of 6 subnets while maximizing the

255.255.224.0

A network with a CIDR notation of /26 would have what subnet mask?

255.255.255.192

How many /64 subnets can be created within a /56 prefix?

256

How large is the 802.1Q tag that is added to an Ethernet frame when using VLANs?

4 bytes

What is the maximum number of host IP addresses that can exist in a Class B network?

65,534

How many subnets can a /48 site prefix support?

65,536 subnets

What IEEE standard specifies how VLAN information appears in frames and how switches interpret that information?

802.1Q

Amazon and Rackspace both utilize what virtualization software below to create their cloud environments?

Citrix Xen

Which of the following virtualization products is an example of a bare-metal hypervisor?

Citrix XenServer

Which of the following suggestions can help prevent VLAN hopping attacks on a network?

Disable auto trunking/move native VLANs 2 unused VLANs.

What special enterprise VPN suprtd by Cisco creates VPN tunnels b/twn branch locals as needed not requiring static tnnls

Dynamic Multipoint VPN

The PPP headers and trailers used to create a PPP frame that encapsulates Network layer packets vary between 8 and 10 by

FCS

1. It is ideal to use the same password for multiple different applications, provided the password is complex enough.

False

10. Different types of organizations have similar levels of network security risks.

False

9. The original version of the Secure Hash Algorithm was developed by MIT.

False

A Type 2 hypervisor installs on a computer before any OS, and is therefore called a bare-metal hypervisor.

False

After L2TP establishing a VPN tunnel, GRE is used to transmit L2TP data frames through the tunnel.

False

All that is needed to provide communication between two VLANs is a DHCP relay agent.

False

An unmanaged switch can still support the creation of VLANs, provided there is an interface for configuration.

False

By default, the native VLAN is the same as the default VLAN.

False

FTPS (FTP Security or FTP Secure) and SFTP (Secure FTP) are two names for the same protocol.

False

Network segmentation decreases both performance and security on a network.

False

Only Class B and Class C networks can be subnetted.

False

The HTTPS (HTTP Secure) protocol utilizes the same TCP port as HTTP, port 80.

False

Which statement regarding the IKEv2 tunneling protocol is accurate?

IKEv2 offers fast thruput & good stability mving b/twn wireless hotspots.

What security encryption protocol requires regular re-establishment of a connection and can be used with any type of TCP

IPSec

Cloud service model involves hardware serv that are provided virtually, incl NTWRK infrastructure devices(servers)

IaaS

using public & private keys to connect to an SSH server frm a Linux device, where must your public key be placed b/4 con

In an authorization file on the host where the SSH server is.

When an 802.1Q tag is added to an Ethernet frame, where is it placed?

Inserted between the source add. and Ethernet type field.

Why is the telnet utility a poor choice for remote access to a device?

It provides poor authentication and no encryption.

What does the VLAN Trunk Protocol (VTP) do?

It shares VLAN database information amongst switches that participate.

Which of the following statements regarding IPv6 subnetting is NOT accurate?

The largest IPv6 subnet capable of being created is a /64.

A subnet of 255.255.248.0 can be represented by what CIDR notation?

/21

You have been tasked with the creation and design of a network that must support a minimum of 5000 hosts. Which network

10.3.0.0/19

On a Cisco switch, what would the security association identifier be for VLAN 13?

100013

A network with 10 bits remaining for the host portion will have how many usable host addresses?

1022

Which of the following is NOT a task that a VPN concentrator is responsible for?

A VPN concentrator shuts down est. connections w/malicious traffic occurs

When using IPv6, what would a /64 network likely be assigned to?

A smaller organization or business.

The combination of a public key and a private key are known by what term below?

Key Pair

A vSwitch (virtual switch) or bridge is a logically defined device that operates at what layer of the OSI model?

Layer 2

By default, what network connection type is selected when creating a VM in VMware, VirtualBox, or KVM?

NAT mode

At what layer of the OSI model does the IPsec encryption protocol operate?

Network layer

With VTP, where is the VLAN database stored?

On the switch that is configured as the trunk root.

Open-source VPN protocol utilizes OpenSSL for encryption, has the ability to cross firewalls where IPsec might be blockd

OpenVPN

Which of the following statements regarding the Point-to-Point (PPP) protocol is NOT accurate?

PPP can support strong encryption, such as AH or ESP.

In a software defined network, what is responsible for controlling the flow of data?

SDN controller

What statement regarding the SSH (Secure Shell) collection of protocols is accurate?

SSH supports port forwarding.

model involves providing apps thru an online U/I, providing for compatibility w/a multitude of diff OS's

SaaS

13. In a red team-blue team exercise, what is the purpose of the blue team?

The blue team is charged with the defense of the network.

What is NOT one of the ways in which networks are commonly segmented?

by device manufacturer


Related study sets

Visual Arts & Architecture: 20th Century

View Set

Sole - Chapter 8: Hemodynamic Monitoring

View Set

Abnormal Psychology (Chapter 11)

View Set

Fluid, Electrolyte, and Acid-Base Regulation

View Set

PSY- Ch.5 HW Sensation & Perception

View Set

PreCal Unit 9: Solving Trig Equations

View Set