TESTS Ch9. Networking Fundamentals (Domain 109)

Ace your homework & exams now with Quizwiz!

Which of the following commands requests a zone transfer of example.org from the server at 192.168.1.4? A. dig example.org @192.168.1.4 axfr B. dig example.org @192.168.1.4 C. dig example.org @192.168.1.4 xfer D. dig example.org #192.168.1.4 xfer

A. The axfr type is a zone transfer, and the @ symbol signifies the server to which the query will be sent. There is no xfer type, and option B is just a normal query for the domain sent to the specified server.

Which of the following represents a correct configuration line for /etc/hosts? A. 192.168.1.4 cwa.braingia.org cwa B. cwa.braingia.org cwa 192.168.1.4 C. cwa.braingia.org 192.168.1.8 alias cwa D. alias cwa.braingia.org cwa 192.168.1.4

A. The correct format is IP address followed by canonical hostname followed by any aliases for the host. You can use entries in /etc/hosts to override DNS lookups, which can be useful in preventing those names from resolving or to provide a different resolution.

Which of the following commands will enumerate the hosts database? A. getent hosts B. gethosts C. nslookup D. host

A. The getent command is used for working with NSS databases, and getent hosts will display the available hosts using the databases configured in /etc/nsswitch.conf.

Which option for the host command will query for the authoritative nameservers for a given domain? A. -t ns B. -t all C. -ns D. -named

A. The host command enables changing of the query type with the -t option. Using ns as the type will query for the nameservers for a given domain. There is no all type, and the other options are also invalid.

Which of the following commands queries the mail servers for the domain example.com? A. dig example.com mx B. dig example.com C. host -t smtp example.com D. dig example.com smtp

A. The host or dig commands can be used for this purpose by setting the type to mx. The mx type will query for the mail exchanger for the given domain. There is no smtp type.

You are having difficulty with an interface on the server, and it is currently down. Assuming that there is not a hardware failure on the device itself, which command and option can you use to display information about the interface? A. ifconfig -a B. ifup C. netstat -n D. ifconfig

A. The ifconfig command can be used for this purpose, and it requires the addition of the -a option because the adapter is currently down. The ifup command can be used to bring up an interface, but it does not display information by default. The netstat command displays information about the network but not with the -n option.

Which command can be used to listen for netlink messages on a network? A. ip monitor B. netlink -a C. ip netlink D. route

A. The ip command with the monitor option/subcommand will display netlink messages as they arrive. There is no netlink subcommand for ip and the route command will not work for this purpose.

Which of the following commands should be executed after running ip route change? A. ip route flush cache B. ip route reload C. ip route cache reload D. ip route restart

A. The ip route flush cache command should be executed after changing the routes. The other commands shown for this question are not valid.

Which of the following commands shows the current default route without performing DNS lookups on the IP address(es) involved? A. netstat -rn B. netstat -n C. netstat -r D. netstat -f

A. The netstat command can be used for this purpose, and the -r option displays the current routes. The addition of -n prevents DNS lookups, which can help with performance.

Which of the following commands shows network services or sockets that are currently along with sockets that are not listening? A. netstat -a B. netlink -a C. sockets -f D. opensock -l

A. The netstat command is used for this purpose and the -a option displays all sockets, listening and non-listening. Note that it's frequently helpful to add the -n option, or combine them as in netstat -an, in order to prevent name lookup. Doing so can significantly improve performance of the command.

Which of the following commands prevents traffic from reaching the host 192.168.1.3? A. route add -host 192.168.1.3 reject B. route -nullroute 192.168.1.3 C. route add -null 192.168.1.3 D. route add -block 192.168.1.3

A. The route command can be used for this purpose and in the scenario described, a reject destination is used for the route. The other options shown are invalid because they use invalid options to the route command.

Which of the following commands adds a route to the server for the network 192.168.51.0/24 through its gateway of 192.168.51.1? A. route add -net 192.168.51.0 netmask 255.255.255.0 gw 192.168.51.1 B. route add -net 192.168.51/24 gw 192.168.1.51 C. route -net 192.168.51.0/24 192.168.51.1 D. route add 192.168.51.1 -n 192.168.51.0//255.255.255.0

A. The route command can be used for this purpose, and the syntax includes the network range, denoted with the -net option, followed by the word netmask and the masked bits, followed by the word gw and the IP address of the gateway. The other options shown are invalid for a variety of reasons, including missing keywords and options and order.

Assume that you want to enable local client services to go to hosts on the network without needing to qualify the name fully by adding the domain for either example.com or example.org. Which option in /etc/resolv.conf will provide this functionality? A. search B. domain C. local-domain D. local-order

A. The search option is used for this purpose, and it can be provided with multiple domain names, each separated by a space or tab. The domain option is valid within /etc/resolv.conf, but it does not allow for multiple domain names.

Which of the following commands displays the Start of Authority information for the domain example.com? A. dig example.com soa B. dig example.com authority C. dig example.com -auth D. dig -t auth example.com

A. The soa type is used to query for Start of Authority records for a domain. Note that in many cases, dig will attempt to look up the domain within a given command and may not appear to have had an error. For example, when running option D (dig -t auth example.com), you will receive information about example.com and there will be a line in the output that dig has ignored the invalid type of auth.

Which of the following configuration lines in /etc/nsswitch.conf causes a lookup for group information to use local files first and then to use LDAP? A. group: files ldap B. lookup: group [local ldap] C. group: [local ldap] D. group: localfiles ldap

A. The syntax is database: databasename with additional databasenames separated by spaces, as shown in the correct option for this question.

Which of the following commands configures the eth0 device with an IP address of 192.168.1.1 in a /24 network? A. ifconfig eth0 192.168.1.1/24 B. ifconfig eth0 192.168.1.1/255.255.255.0 C. ifconfig eth0 192.168.1.1 netmask 255.255.255.0 D. ifconfig 192.168.1.1 netmask 255.255.255.0 eth0

C. The ifconfig command for configuring interfaces begins with the device followed by the IP address, which is then followed by the netmask keyword and the netmask to add. Because this is a /24, the netmask is 255.255.255.0.

Which of the following commands will attempt to bring online all interfaces marked as auto within the networking configuration? A. ifconfig -a B. ifup auto C. ifup -a D. ifstat

C. The ifup command is used to bring up network interfaces, and the -a option brings up those interfaces marked as auto. The ifconfig -a command displays information on all interfaces, and there is no ifstat command. The ifdown command can be used to bring interfaces down or offline.

When troubleshooting a connectivity issue, you have found that you can reach a server via the web but cannot ping it. Which of the following best describes a possible cause for this scenario? A. TCP traffic has been blocked at the firewall. B. The DNS lookup is failing. C. ICMP traffic has been blocked. D. There is a reject route in place.

C. The only viable possibility of those listed is that ICMP traffic is blocked. TCP traffic is obviously passing because of the ability to get there using HTTP, and DNS must also be working.

Which of the following commands sends an IPv6 ping to a unique local address? A. ping -6 127.0.0.1 B. ping6 fddi/128 C. ping6 fdd6:551:b09f:: D. ping -6 fdd6:551:b09f::

C. The ping6 command is used to ping IPv6 addresses. Unique local addresses are the IPv6 equivalent of RFC 1918 private addresses in IPv4. In IPv6, fc00::/7 is the unique local address space. Note that there is no -6 option to the normal ping command.

Which of the following commands adds a default gateway of 192.168.1.1 for interface eth0? A. route add default gateway 192.168.1.1 eth0 B. eth0 --dg 192.168.1.1 C. route add default gw 192.168.1.1 eth0 D. route define eth0 192.168.1.1

C. The route command is used for this purpose, and adding a route is done with the add option. The default gateway is added using the default gw keywords followed by the IP address of the gateway and the adapter.

Which of the following netmasks is used for a subnet described with a /25 in CIDR notation? A. 255.255.255.0 B. 255.255.0.0 C. 255.255.255.192 D. 255.255.255.128

D. A /25 in CIDR notation represents half of a /24 in address space, therefore making 255.255.255.128 the masked bits. The 255.255.255.0 answer is /24 while 255.255.255.192 is /26. Finally, 255.255.0.0 is /16.

You need to split a subnet to enable four subnets with up to 30 hosts each. Which subnet mask, in CIDR notation, facilitates this scenario? A. /25 B. /24 C. /32 D. /27

D. A /27 with a netmask of 255.255.255.224 splits a subnet into four segments of 32 addresses, thus enabling 30 usable addresses.

On which port does ICMP operate? A. TCP/43 B. UDP/111 C. UDP/69 D. ICMP does not use ports.

D. ICMP is a layer 3 protocol, meaning that it does not use ports for communication. TCP/43 is used for whois, while port 111 is used for sunrpc. UDP/69 is used for TFTP.

Which of the following is not used as a private address for internal, non-Internet, use? A. 172.16.4.2 B. 192.168.40.3 C. 10.74.5.244 D. 143.236.32.231

D. Private IP addresses are found within the 10.0.0.0/8, 172.16.0.0/12, and 192.168.0.0/16 ranges, thus making an address in the 143 range a public IP address.

Which ports need to be allowed through the firewall for SNMP traffic? A. Ports 23 and 25 B. Ports 110 and 143 C. Ports 80 and 443 D. Ports 161 and 162

D. SNMP traffic takes place on ports 161 and 162. Though the traffic is usually on UDP, the TCP ports are also reserved for SNMP. Ports 110 and 143 are used for POP3 and IMAP, respectively, while 23 and 25 are for Telnet and SMTP. Finally, ports 80 and 443 are for HTTP and HTTPS.

If the traceroute6 command is not available, which option to the traceroute command can be used for an IPv6 traceroute? A. -ipv6 B. -net6 C. -v6 D. -6

D. The -6 option, as in traceroute -6, executes an IPv6 traceroute. The other options shown for this question are not valid. It would be rare for the traceroute6 command not to be available and still have the traceroute -6 command available.

Which of the following commands will emulate the ping command in Microsoft Windows, where the ping is sent for four packets and then exits? A. ping -n 4 B. ping -t 4 C. ping -p 4 D. ping -c 4

D. The -c option provides the count of the number of pings to send. The -n option specifies numeric output only, while -p specifies the pattern to use for the packet content. Finally, the -t option sets the TTL.

When examining open ports on the server, you see that TCP port 3000 is listed with no corresponding protocol name, such as smtp, imaps, and so on. In which file would you find a list of port-to-protocol translations that could be customized to add this new port? A. /etc/ports B. /etc/p2p C. /etc/ppp D. /etc/services

D. The /etc/services file contains standard port-to-protocol information based on the well-known and assigned ports from IANA. If you'd like to provide a custom name for the service, you can do so by editing this file. There is no /etc/ports or /etc/p2p file by default, and /etc/ppp is usually a directory for the point-to-point protocol daemon and related services.

Which of the following commands configures eth1 with an additional IPv6 address of fdd6:551:b09e::? A. ifconfig eth1 inet6 add fdd6:551:b09e::/128 B. ifconfig add fdd6:551:b09e:: C. ifconfig fdd6:551:b09e:: eth1 D. ifconfig eth1 fdd6:551:b09e

A. In order to facilitate the scenario described, the syntax for ifconfig uses the device followed by the protocol, inet6 in this case. Next, the keyword add is used to indicate that an additional IP address is being added. Finally, it is followed by the address itself.

Which option should be used to send a DNS query for an SPF record with dig? A. -t txt B. -t spf C. -t mx D. -t mailspf

A. SPF records are stored in the txt record type in DNS, thereby making -t txt the correct option for this question. Of the other answers, only -t mx is valid and returns the mail exchangers for the given domain.

Which option to the traceroute command will use TCP SYN packets for the path trace? A. -T B. -t C. -s D. -i

A. The -T option causes traceroute to use TCP packets. This option, which requires root privileges, can be helpful in situations where a firewall may be blocking traceroute traffic. The -i option chooses the interface, while the -s option chooses the source address. A lowercase -t option sets the Type of Service (ToS) flag.

Which of the following dig commands sends the query for example.com directly to the server at 192.168.2.5 rather than to a locally configured resolver? A. dig example.com @192.168.2.5 B. dig -t 192.168.2.5 example.com C. dig -s 192.168.2.5 example.com D. dig server=192.168.2.5 example.com

A. The @ symbol is used to indicate a server to which the query will be sent directly. This can be quite useful for troubleshooting resolution problems by sending the query directly to an authoritative name server for the domain. Of the other options, -t sets the type and the other choices are not valid.

You are troubleshooting a DNS problem using the dig command, and you receive a "status: NXDOMAIN" message. Which of the following best describes what NXDOMAIN means? A. NXDOMAIN means that you have received a non-authoritative answer for the query. B. NXDOMAIN means that the domain or host is not found. C. NXDOMAIN indicates a successful query. D. NXDOMAIN signifies a new domain record has been added.

B. NXDOMAIN is the status for a non-existent domain or host, basically meaning that the host for which the query was sent does not exist. A normal status when there has not been an error is "NOERROR".

Which of the following protocols uses a three-way handshake? A. ICMP B. TCP C. UDP D. IP

B. TCP is a connection-oriented protocol that uses a three-way handshake to establish a connection. ICMP does not use ports for communication, while UDP is connectionless. IP is the core Internet Protocol, and it does not use a handshake.

Which option for the ping command enables you to choose the interface from which the ICMP packets will be generated? A. -i B. -I C. -t D. -a

B. The -I option enables the choice of interface. A lowercase -i option sets the interval, while -a indicates an audible ping. Finally, -t enables a TTL-based ping only.

Which of the following commands will change the default gateway to 192.168.1.1 using eth0? A. ip route default gw 192.168.1.1 B. ip route change default via 192.168.1.1 dev eth0 C. ip route default gw update 192.168.1.1 D. ip route update default 192.168.1.1 eth0

B. The ip route command can be used for this purpose, and its syntax uses a change command and the via keyword. The same operation could be completed with the route command, but that would require first deleting the existing gateway and then re-adding a new default gateway.

Which of the following addresses represents the localhost in IPv6? A. 0:1 B. ::1 C. 127:0:1 D. :127:0:0:1

B. The localhost address for IPv6 can be written as ::1. Addresses shown like 127 represent the IPv4 localhost range, but they are not written properly for IPv4 or IPv6.

Which options for netcat will create a server listening on port 8080? A. netcat -p 8080 B. nc -l -p 8080 C. nc -p 8080 D. nc -s 8080

B. The nc command is used to start netcat, and the -l option causes it to listen. The -p option is used to specify the port on which netcat will listen. The -s option specifies the local source address, and it is not used for this scenario.

Which of the following describes a primary difference between traceroute and tracepath? A. The traceroute command requires root privileges. B. The tracepath command provides the MTU for each hop whereas traceroute does not. C. The tracepath command cannot be used for tracing a path on an external network. D. The traceroute command is not compatible with IPv6.

B. The tracepath command provides the maximum transmission unit (MTU) of the hops, where possible. Both traceroute and tracepath can be used internally or externally, and both provide IPv6 capabilities. Certain options with the traceroute command can require root privileges, but not enough information was given in the question for that to have been the correct option. The tracepath6 command provides native IPv6 capabilities.

Which port(s) and protocol(s) should be opened in a firewall in order for the primary and secondary name servers to communicate for a given domain? A. UDP/53 B. Both TCP/53 and UDP/53 C. TCP/53 D. UDP/53 and TCP/503

B. Traditionally, UDP/53 is used for DNS queries, but with a primary and secondary server it is assumed that zone transfers may occur. DNS zone transfers typically take place over TCP/53.

Which of the following describes a primary difference between IPv4 and IPv6? A. IPv4 is for internal networks only, while IPv6 is for public networks. B. IPv4 is for public networks, while IPv6 is for internal networks. C. IPv4 uses a 32-bit address, while IPv6 uses a 128-bit address. D. With IPv6, there is no subnetting necessary.

C. IPv4 addresses are 32 bits in length and IPv6 addresses are 128 bits. Both IPv4 and IPv6 can be used on internal and external networks alike, and there is indeed subnetting necessary with IPv6.

On which port does LDAP over SSL operate? A. Port 53 B. Port 389 C. Port 636 D. Port 443

C. LDAP over SSL, or LDAPS, operates on port 636. Port 53 is used for DNS, port 389 is used for normal, non-SSL LDAP, and port 443 is used for HTTP over SSL.

Which of the following ports is used for Secure Shell communication? A. TCP/23 B. TCP/25 C. TCP/22 D. TCP/2200

C. Secure Shell, or ssh, operates on TCP port 22 by default. TCP/23 is used for Telnet; TCP/25 is SMTP, and TCP/2200 is not associated with a well-known service.

When viewing the available routes using the route command, one route contains flags UG while the others contain U. What do the letters UG signify in the route table? A. The G signifies that the route is good. B. The G signifies that the route is unavailable. C. The G signifies that this is a gateway. D. The G signifies that the route is an aggregate.

C. The G signifies a gateway within the route table.

Which of the following configuration lines will set the DNS server to 192.168.1.4 using /etc/resolv.conf? A. dns 192.168.1.4 B. dns-server 192.168.1.4 C. nameserver 192.168.1.4 D. name-server 192.168.1.4

C. The configuration option is called nameserver, and the value for the option is the IP address of the desired nameserver. There are several options that affect how name resolution is performed, such as the number of attempts and timeout. See resolv.conf(5) for more information.

You need to prevent local clients from going to a certain host, www.example.com, and instead redirect them to a localhost. Which of the following is a method to override DNS lookups for the specified host? A. Add a firewall entry for the IP address of www.example.com to prevent traffic from passing through it. B. Delete www.example.com from the route table using the route command. C. Add a null route to prevent access to the IP address for www.example.com. D. Add an entry for www.example.com in /etc/hosts to point to 127.0.0.1.

D. The best option for this question is to add an entry for the host in /etc/hosts. Doing so will always cause DNS queries to resolve to 127.0.0.1. The other options are not as robust because they rely on www.example.com always having the same IP address, or the solutions require additional maintenance to constantly add new IP addresses if www.example.com's IP address changes.

In a scripting scenario, which command will return the domain name configured for the server? A. dnsname B. fqdn C. hostname D. hostname -d

D. The hostname command is used to return the hostname and domain. When given the -d option, just the domain name is returned to STDOUT, thereby making it appropriate for use in a script.

How many IP addresses are available in the 172.16.0.0 private range in IPv4? A. /32 B. 16,777,216 C. 65,536 D. 1,048,576

D. There are 1,048,576 IP addresses in the 172.16.0.0 private range. There are 16,777,216 in the 10.0.0.0 range and 65,536 in the 192.168.0.0 range.


Related study sets

Assignment 6 - Life Insurance Policies Practice Exam

View Set

Chapter 1: Completing the Application, Underwriting, and Delivering the Policy. QUIZ 1

View Set

Physical Science Ch.7 Questions online

View Set

Chapter 11 Classic and Keynesian Economic Anaylses

View Set

Human Anatomy and Physiology Lab Quiz 2

View Set

1.3 experiments, placebo, double blind, etc

View Set

Assessment of Respiratory Function

View Set

Principles of Chiropractic Midterm

View Set