This Document Contains Chapters 3 to 4 Chapter 3 Network Security 1) The threat environment includes ______________. A) attackers B) attacks C) both A and B D) neither A nor B Answer: C 2) Which phase of the plan-protect-respond cycle takes the largest amount of work? A) plan B) protect C) respond D) Each phase requires about equal effort. Answer: B 3) Compromises also are called ______________. A) breaches B) incidents C) both A and B D) neither A nor B Answer: C 4) A compromise is an attempted attack. Answer: False 5) Malware is a generic name for evil software. Answer: True 6) The generic name for evil software is ______________. A) viruses B) worms C) exploits D) malware Answer: D 7) The generic name for a security flaw in a program is a ______________. A) virus B) malware C) security fault D) vulnerability Answer: D 8) A ______________ is a flaw in a program that permits a specific attack or set of attacks against this problem. A) malware B) security error C) vulnerability D) security fault Answer: C 9) Users typically can eliminate a vulnerability in one of their programs by ______________. A) installing a patch B) doing a zero-day installation C) using an antivirus program D) all of the above Answer: A 10) An attack that occurs before a patch is available is called a zero-day attack. Answer: True 11) Universal malware requires a vulnerability to succeed. Answer: False 12) Viruses propagate within a computer by infecting other programs in that computer. Answer: True 13) Viruses most commonly spread from one computer to another ______________. A) via e-mail B) by propagating directly by themselves C) through obfuscation D) all of the above Answer: A 14) An action that will stop many viruses is ______________. A) installing a firewall B) the use of an antivirus program C) both A and B D) neither A nor B Answer: B 15) An action that will stop many viruses is ______________. A) installing patches B) the use of an antivirus program C) both A and B D) neither A nor B Answer: C 16) Firewalls typically stop viruses. Answer: False 17) Which of the following attach themselves to other programs? A) viruses B) worms C) both A and B D) neither A nor B Answer: A 18) Which of the following sometimes uses direct propagation between computers? A) viruses B) worms C) both A and B D) neither A nor B Answer: B 19) Which of the following is a propagation vector for some worms? A) e-mail B) direct propagation C) both A and B D) neither A nor B Answer: C 20) Which of the following can spread more rapidly? A) directly-propagating viruses B) directly-propagating worms C) Both of the above can spread with approximately equal speed. Answer: B 21) Which of the following can thwart directly-propagating worms? A) firewalls B) antivirus programs C) both A and B D) neither A nor B Answer: A 22) Which of the following can thwart directly-propagating worms? A) applying patches B) firewalls C) both A and B D) neither A nor B Answer: C 23) Antivirus programs can usually stop directly-propagating worms. Answer: False 24) Scripts may execute commands when a webpage is downloaded. Answer: True 25) Scripts normally are bad. Answer: False 26) Scripts are likely to be dangerous primarily if a computer has a vulnerability. Answer: True 27) Mobile code is another name for ______________. A) virus B) worm C) both A and B D) neither A nor B Answer: D 28) Pieces of code that are executed after the virus or worm has spread are called ______________. A) vulnerabilities B) exploits C) compromises D) payloads Answer: D 29) Malware programs that masquerade as system files are called ______________. A) viruses B) scripts C) payloads D) Trojan horses Answer: D 30) Trojan horses can get onto computers by ______________. A) self-propagation B) hackers C) both A and B D) neither A nor B Answer: B 31) Trojan horses can get onto computers by ______________. A) viruses B) hackers C) both A and B D) neither A nor B Answer: C 32) The general name for malware on a user's PC that collects sensitive information and sends this information to an attacker is ______________. A) keystroke loggers B) anti-privacy software C) spyware D) data mining software Answer: C 33) A program that can capture passwords as you enter them is ______________. A) a keystroke logger B) data mining software C) both A and B D) neither A nor B Answer: A 34) Tricking users into doing something against their interests is ______________. A) social engineering B) hacking C) both A and B D) neither A nor B Answer: A 35) ______________ is lying to get victims to do something against financial self interest. A) Social engineering B) Fraud Answer: B 36) Unsolicited commercial e-mail is better known as ______________. A) spam B) adware C) social engineering D) identity theft Answer: A 37) Spam can be used to ______________. A) implement a fraud B) cause the reader to go to a website that will download malware to the victim's computer C) both A and B D) neither A nor B Answer: C 38) An attack in which an authentic-looking e-mail or website entices a user to enter his or her username, password, or other sensitive information is called ______________. (Select the most specific answer.) A) phishing B) identity theft C) social engineering D) a spyware attack Answer: A 39) Identity theft is stealing credit card numbers, in order to make unauthorized purchases. Answer: False 40) Credit card number thieves are called ______________. (Pick the most precise answer.) A) numbers racketeers B) fraudsters C) identity thieves D) carders Answer: D 41) Which of the following tends to be more damaging to the victim? A) credit card theft B) identity theft C) Both are about equally damaging to the victim. Answer: B 42) The last stage in a hacking attack is the break-in. Answer: False 43) The last stage in a hacking attack is ______________. A) scanning B) the break-in C) creating a back door D) none of the above Answer: D 44) It is still hacking if a person unintentionally accesses unauthorized computer information. Answer: False 45) Hackers identify possible victim computers by sending ______________. A) scouts B) probe packets C) exploits D) Mocking Jays Answer: B 46) Hackers send probe packets to identify ______________. A) IP addresses with active hosts B) hosts running certain applications C) both A and B D) neither A nor B Answer: C 47) Methods that hackers use to break into computers are ______________. A) cracks B) magics C) exploits D) compromises Answer: C 48) After a break-in, the first step usually is to ______________. A) do damage manually B) delete log files C) create a backdoor D) download a hacker toolkit Answer: D 49) What does a hacker usually do IMMEDIATELY after downloading a hacker toolkit? A) install a Trojan horse B) create a backdoor C) execute an exploit D) delete log files Answer: D 50) A way back into a system that an attacker can use to get into the compromised computer later is called a ______________. (Choose the most specific answer.) A) backdoor B) Trojan horse C) compromise D) rootkit Answer: A 51) Which of the following can be a type of backdoor? A) A new account B) A Trojan horse C) both A and B D) neither A nor B Answer: C 52) DoS attacks attempt to ______________. A) hack a computer B) reduce the availability of a computer C) both A and B D) neither A nor B Answer: B 53) Attack programs that can be remotely controlled by an attacker are ______________. A) bots B) DoS programs C) exploits D) sock puppets Answer: A 54) Which of the following can be upgraded after it is installed on a victim computer? (Choose the most specific answer.) A) Trojan horses B) bots C) viruses D) worms Answer: B 55) In distributed DoS attacks, the attacker sends messages directly to ______________. A) bots B) the intended victim of the DoS attack C) backdoors D) DOS servers Answer: A 56) Most hackers today are driven by curiosity, a sense of power, and, sometimes, a desire to increase their reputation among peers. Answer: False 57) It is generally illegal to write malware. Answer: False 58) What are the most dangerous types of employees? A) financial employees B) manufacturing employees C) IT security employees D) former employees Answer: C 59) What type of attacker are most attackers today? A) disgruntled employees and ex-employees B) criminals C) hackers motivated by a sense of power D) cyberterrorists Answer: B 60) Cyberwar attacks are made by national governments or organized terrorists. Answer: False 61) What type of attacker can do the most damage? A) criminal attackers B) hackers driven by curiosity C) employees and ex-employees D) national governments Answer: D 62) Security is primarily a management issue. Answer: True 63) Which of the following is not one of the four major security planning principles? A) perimeter defense B) risk analysis C) comprehensive security D) defense in depth Answer: A 64) Balancing threats against protection costs is called ______________. A) economic justification B) risk analysis C) comprehensive security D) defense in depth Answer: B 65) The goal of security is to eliminate risk. Answer: False 66) Attackers only need to find a single weakness to break in. Consequently, companies must ______________. A) have comprehensive security B) have insurance C) do risk analysis D) only give minimum permissions Answer: A 67) An attacker must break through two firewalls to get to a host. This illustrates the principle called ______________. (Select the most specific answer.) A) comprehensive security B) risk assurance C) having a DMZ D) defense in depth Answer: D 68) Vulnerabilities are occasionally found in even the best security products. Consequently, companies must ______________. A) have comprehensive security B) have defense in depth C) do risk analysis D) only give minimum permissions Answer: B 69) Access control involves ______________. A) limiting access to each resource B) limiting the permissions of users to each resource C) both A and B D) neither A nor B Answer: C 70) Actions that people are allowed to take on a resource comes under the heading of ______________. A) hacks B) permissions C) exploits D) risks Answer: B 71) In general, authenticated users should be given maximum permissions in a resource so that they can do their jobs with few restrictions. Answer: False 72) Which of the following specifies what should be done? A) policies B) implementation C) both A and B D) neither A nor B Answer: A 73) A policy specifies ______________. A) what should be done B) how to do it C) both A and B D) neither A nor B Answer: A 74) Policies are separated by implementation to take advantage of ______________. A) implementer knowledge B) the delegation of work principle C) minimum permissions Answer: A 75) Oversight helps ensure that a policy is implemented faithfully. Answer: True 76) Implementation guidance is less specific than _____________. A) policy B) implementation C) standards D) none of the above Answer: A 77) Which of the following must be followed? A) standards B) guidelines C) both A and B D) neither A nor B Answer: A 78) Which of the following is true? A) guidelines must be followed B) guidelines must be considered C) both A and B D) neither A nor B Answer: B 79) Oversight activities include ______________. A) vulnerability testing B) creating guidelines C) both A and B D) neither A nor B Answer: A 80) Attacking your own firm occurs in ______________. A) vulnerability testing B) auditing C) both A and B D) neither A nor B Answer: A 81) Policies should drive ______________. A) implementation B) oversight C) both A and B D) neither A nor B Answer: A 82) Requiring someone requesting to use a resource to prove his or her identity is ______________. A) confidentiality B) authentication C) authorization D) both B and C Answer: B 83) In authentication, the ______________ is the party trying to prove his or her identity. A) supplicant B) verifier C) true party D) all of the above Answer: A 84) ______________ is the general name for proofs of identity in authentication. A) Credentials B) Authorizations C) Certificates D) Signatures Answer: A 85) Authentication should generally be ______________. A) as strong as possible B) appropriate for a specific resource C) the same for all resources, for consistency D) all of the above Answer: B 86) Passwords are widely used because ______________. A) they can be used at little or no additional cost B) they offer very strong authentication C) both A and B D) neither A nor B Answer: A 87) Passwords are widely used because they can be used at little or no additional cost. Answer: True 88) Passwords are widely used because they offer very strong authentication. Answer: False 89) Passwords are widely used because they ______________. A) are demanded by users B) offer strong authentication C) are the only authentication techniques known by most security professionals D) are inexpensive to use Answer: D 90) A user picks the password tiger. This is likely to be cracked most quickly by a(n) ______________. A) attack on an application running as root B) brute-force attack C) dictionary attack D) hybrid dictionary attack Answer: C 91) Prepare2 can be cracked most quickly by a(n) ______________. A) authentication attack B) brute-force attack C) dictionary attack D) hybrid dictionary attack Answer: D 92) A password that can be defeated by a hybrid dictionary attack can be adequately long if it ______________. A) can only be broken by a brute force-attack B) is sufficiently long C) begins with a capital letter and ends with a digit (number) D) none of the above Answer: D 93) A password that can be broken by a dictionary attack or a dictionary attack in hybrid mode can be adequately strong if it is very long. Answer: False 94) A password cracking attack that tries all combinations of keyboard characters is called a ______________. A) dictionary attack B) hybrid mode dictionary attack C) brute force attack D) comprehensive keyboard attack Answer: C 95) To defeat brute-force attacks, a password must be ______________. A) long B) complex C) both A and B D) neither A nor B Answer: C 96) With complex passwords, adding a single character increases the number of passwords that must be tried in brute force guessing by a factor of about ______________. A) 2 B) 10 C) 25 D) 70 Answer: D 97) With a complex password, adding two characters will require the attacker to make more than 1,000 more attempts to crack the password. Answer: True 98) According to the book, passwords should be at least ______________ characters long. A) 6 B) 8 C) 12 D) 20 Answer: B 99) The password velociraptor can be defeated most quickly by a ______________. A) dictionary attack B) hybrid mode dictionary attack C) brute-force attack D) None of the above because it is more than 8 characters long. Answer: A 100) The password velociraptor is adequately strong. Answer: False 101) The password Velociraptor can be defeated most quickly by a ______________. A) dictionary attack B) hybrid mode dictionary attack C) brute force attack D) All of the above could defeat the password equally quickly. Answer: B 102) The password Velociraptor is adequately strong. Answer: False 103) The password NeVEr can be defeated by a ______________. A) dictionary attack B) hybrid dictionary attack C) brute force attack D) none of the above Answer: C 104) The password NeVEr is adequately strong. Answer: False 105) The password R7%t& can be defeated by a ______________. A) dictionary attack B) hybrid mode dictionary attack C) brute-force attack D) All of the above could defeat the password equally quickly. Answer: C 106) The password R7%t& is adequately strong. Answer: False 107) The password 7u3aB& can be defeated most quickly by a ______________. A) simple dictionary attack B) hybrid mode dictionary attack C) brute-force attack D) All of the above could defeat the password equally quickly. Answer: C 108) The password 7u3aB& is adequately strong. Answer: False 109) Biometrics is the use of body measurements to authenticate you. Answer: True 110) Which of the following is a criterion by which biometrics can be judged? A) cost B) susceptibility to deception C) both A and B D) neither A nor B Answer: C 111) Fingerprint scanning may be an acceptable access control method for ordinary laptops. Answer: True 112) Iris scanning is attractive because of its ______________. A) low cost B) precision C) both A and B D) neither A nor B Answer: B 113) Which of the following can be done today without the target's knowledge? A) iris scanning B) face recognition C) both A and B D) neither A nor B Answer: B 114) In digital certificate authentication, the supplicant does a calculation with ______________. A) the supplicant's private key B) the verifier's private key C) the true party's private key D) none of the above Answer: A 115) In digital certificate authentication, the verifier uses ______________. A) the supplicant's public key B) the verifier's public key C) the true party's public key D) none of the above Answer: C 116) In digital certificate authentication, the verifier uses ______________. A) the supplicant's public key B) the true party's public key C) both A and B D) neither A nor B Answer: B 117) The digital certificate provides the ______________. A) private key of the supplicant B) private key of the true party C) public key of the supplicant D) none of the above Answer: D 118) In digital certificate authentication, the verifier gets the key it needs directly from the ______________. A) supplicant B) verifier C) true party D) certificate authority Answer: D 119) In authentication, defense in depth is provided through ______________. A) the use of digital certificates B) passing authentication messages through firewalls C) two-factor authentication D) none of the above Answer: C 120) Two-factor authentication usually will work even if the attacker controls the supplicant's computer. Answer: False 121) Two-factor authentication usually will work even if the attacker can intercept all authentication communication. Answer: False 122) Two-factor authentication usually will work ______________. A) even if the attacker controls the supplicant's computer B) even if the attacker can intercept all authentication communication C) both A and B D) neither A nor B Answer: D 123) When a firewall identifies an attack packet, it ______________. A) discards the packet B) copies information about the packet into a log file C) both A and B D) neither A nor B Answer: C 124) A firewall drops a packet if it probably but not definitely is an attack packet. Answer: False 125) A firewall will drop a packet if it ______________. A) is a definite attack packet B) is a probable attack packet C) both A and B D) neither A nor B Answer: A 126) Firewall log files should be read ______________. A) every hour B) every day C) every week D) usually only when a serious attack is suspected Answer: B 127) Egress filtering examines packets ______________. A) arriving from the outside B) leaving to the outside C) both A and B D) neither A nor B Answer: B 128) Static packet filtering ______________. A) only looks at a single packet at a time, without context B) may be used for pre-screening before the main packet firewall C) both A and B D) neither A nor B Answer: C 129) ACLs are used for packets in the ______________ state. A) connection-opening B) ongoing communication C) both A and B D) neither A nor B Answer: A 130) When a packet that is part of an ongoing connection arrives at a stateful inspection firewall, the firewall usually ______________. A) drops the packet B) drops the packet and notifies an administrator C) passes the packet D) passes the packet, but notifies an administrator Answer: C 131) When a packet that is not part of an ongoing connection and that does not attempt to open a connection arrives at a stateful inspection firewall, the firewall ______________. (Read this question carefully.) A) drops the packet B) passes the packet C) opens a new connection D) does not approve the connection Answer: A 132) Stateful firewalls are attractive because of their ______________. A) high filtering sophistication B) ability to filter complex application content C) QoS guarantees D) low cost Answer: D 133) ______________ is the dominant firewall filtering method used on main border firewalls today. A) ACL filtering B) Application content filtering C) Stateful packet inspection D) None of the above Answer: C 134) How will an SPI firewall handle a packet containing a TCP segment which is an acknowledgement? A) process it through the ACL B) pass it if it is part of an approved connection C) both A and B D) neither A nor B Answer: B 135) How will an SPI firewall handle a packet containing a TCP SYN segment? A) process it through the ACL B) pass it if it is part of an approved connection C) both A and B D) neither A nor B Answer: A 136) How will an SPI firewall handle a packet containing a TCP FIN segment? A) process it through the ACL B) pass it if it is part of an approved connection C) both A and B D) neither A nor B Answer: B 137) Which type of firewall filtering collects streams of packets to analyze them as a group? A) static packet filtering B) stateful packet inspection C) deep inspection D) none of the above Answer: C 138) Which type of firewall filtering looks at application-layer content? A) static packet filtering B) stateful packet inspection C) deep inspection D) all of the above Answer: C 139) What type of filtering does an application-aware firewall use? A) static packet filtering B) stateful packet inspection C) deep inspection D) all of the above Answer: C 140) Deep inspection firewalls grew out of ______________. A) static packet filtering B) stateful packet inspection C) intrusion detection systems D) none of the above Answer: C 141) ASIC technology has been critical to the development of ______________. A) static packet filtering B) stateful packet inspection C) deep packet inspection D) none of the above Answer: C 142) A specific encryption method is called a ______________. A) code B) schema C) key method D) cipher Answer: D 143) Using encryption, you make it impossible for attackers to read your messages even if they intercept them. This is ______________. A) authentication B) confidentiality C) both A and B D) neither A nor B Answer: B 144) In two-way dialogues using symmetric key encryption, how many keys are used for encryption and decryption? A) 1 B) 2 C) 4 D) none of the above Answer: A 145) In symmetric key encryption, a key must be ______________ bits long or longer to be considered strong. (Choose the choice closest to the correct answer.) A) 40 B) 56 C) 128 D) 1,024 Answer: C 146) Electronic signatures provide message-by-message ______________. A) authentication B) confidentiality C) both A and B D) neither A nor B Answer: A 147) Electronic signatures provide message-by-message ______________. A) integrity B) authentication C) both A and B D) neither A nor B Answer: C 148) Which of the following is not one of the four response phases for when attacks occur? A) detecting the attack B) stopping the attack C) repairing the damage D) All of the above are response phases. Answer: D 149) Forensic procedures are ways to capture and safeguard data in ways that fit rules of evidence in court proceedings. Answer: True 150) Computer security incident response teams (CSIRTs) are used in ______________. A) false alarms B) normal incidents C) major incidents D) disasters Answer: C 151) CSIRTs should include ______________. A) IT personnel B) senior line managers C) both A and B D) neither A nor B Answer: D 152) ______________ is the reestablishment of information technology operations after a disaster. A) Business continuity recovery B) Disaster recovery Answer: B Chapter 4 Network Management 1) The systems development life cycle includes the operation of a system after its creation. Answer: False 2) Networking professionals only need to worry about the SDLC-not the SLC. Answer: False 3) Which of the following is the managing of a system throughout its life? A) SDLC B) SLC C) both A and B D) neither A nor B Answer: B 4) Which of the following is growing more rapidly? A) network demand B) network budgets C) Both of the above are growing equally rapidly. Answer: A 5) Network managers do not need to worry very much about cost when making decisions. Answer: False 6) Performing an in-depth inventory of the current state of the company's network is called ______________. A) sensitivity analysis B) GIGO analysis C) validation D) what-is analysis Answer: D 7) Which of the following is not a driving force for change in a company's technological infrastructure? A) the introduction of disruptive applications B) organizational change within the company C) the normal continuing growth of application traffic demand D) All of the above are driving forces for change. Answer: D 8) After performing what-is analysis, it is generally a good idea to perform gaps analysis. Answer: True 9) Decisions that lock an organization into a specific vendor or technology option for several years are ______________. A) SDLC B) SLC C) strategic D) legacy Answer: D 10) In QoS, the S stands for ______________. A) software B) security C) service D) satisfaction Answer: C 11) QoS is quantified through ______________. A) criteria B) consensus C) metrics D) none of the above Answer: C 12) Transmission speed normally is measured in bits per second. Answer: True 13) Transmission speed normally is measured in bytes per second. Answer: False 14) Transmission speed is normally measured in ______________. A) bits per second B) bytes per second C) both of the above about equally D) neither A nor B Answer: A 15) Which of the following correctly orders metric prefixes from smallest to largest? A) kilo, giga, mega B) kilo, mega, giga C) mega, kilo, giga D) giga, kilo, mega Answer: B 16) Which of the following is written improperly? A) 170 Mbps B) 48.62Gbps C) 95.328 Gbps D) All of the above are written properly. Answer: B 17) Throughput is ______________. A) the speed a network actually provides to users B) a network's rated speed C) both of the above D) neither A nor B Answer: A 18) Throughput is a network's rated speed. Answer: False 19) Users of an access point share the transmission capacity of the access point. The throughput they share is called the ______________. A) rated speed B) aggregate throughput C) individual throughput D) all of the above Answer: B 20) Users of an access point share the transmission capacity of the access point. The throughput an individual user gets is called the ______________. A) rated speed B) aggregate throughput C) individual throughput D) all of the above Answer: C 21) An access point has a total throughput of 100 Mbps. Twenty-five users are working at laptops that use the access point. The speed a particular user will get at any particular moment is likely to be ______________. A) 100 Mbps B) 4 Mbps C) neither of the above Answer: C 22) Availability is the percentage of time that a network is available for use. Answer: True 23) ______________ is the percentage of time that a network is available for use. A) Availability B) Downtime C) QoS D) None of the above Answer: A 24) Downtime is the percentage of time that a network is available for use. Answer: False 25) Which typically is designed to be available at least 99.999% of the time? A) the telephone network B) data networks C) both A and B D) neither A nor B Answer: A 26) The Public Switched Telephone Network is designed to be available 99.999% of the time. Answer: True 27) Which of the following usually has higher availability? A) data networks B) the Public Switched Telephone Network C) Both of the above usually have equal availability. Answer: B 28) The percentage of packets that are lost or damaged during delivery is called the ______________. A) packet error rate B) bit error rate C) neither A nor B Answer: A 29) Error rates should be measured when the network traffic ______________. A) is close to capacity B) is functioning at a normal level C) is functioning at an unusually low level D) any of the above Answer: A 30) Companies should measure error rates when traffic levels are low in order to have a good understanding of error rate risks. Answer: False 31) When a packet travels through a network, the time it takes to get from the sender to the receiver is called ______________. A) latency B) milliseconds C) jitter D) throughput Answer: A 32) Latency is usually measured in ______________. A) bits per second (bps) B) milliseconds (ms) C) minutes of downtime D) none of the above Answer: B 33) Variability in delay is called jitter. Answer: True 34) Variability in delay is called ______________. A) jitter B) variance C) a QoS failure D) latency Answer: A 35) Jitter is a problem for ______________. A) voice over IP (VoIP) B) streaming media C) both A and B D) neither A nor B Answer: C 36) Jitter is a problem for ______________. A) streaming media B) e-mail C) both A and B D) neither A nor B Answer: A 37) The terms "latency" and "application response time" mean approximately the same thing. Answer: False 38) Who is normally in charge of managing application response time? A) networking B) security C) application and host managers D) nobody Answer: D 39) An SLA should specify the ______________. A) best case B) worst case C) both A and B D) neither A nor B Answer: B 40) An SLA for latency should specify a ______________. A) maximum latency B) minimum latency C) both A and B D) neither A nor B Answer: A 41) An SLA for availability should specify a ______________. A) maximum availability B) minimum availability C) both A and B D) neither A nor B Answer: B 42) If a carrier does not meet its SLA guarantees, it generally must pay a penalty to its customers. Answer: True 43) ______________ is the physical arrangement of a network's computers, switches, routers, and transmission lines. A) Network architecture B) Network topology C) Network layout D) None of the above Answer: B 44) Topology is a ______________ layer concept. A) physical B) data link C) both A and B D) neither A nor B Answer: A 45) In the ______________ topology, there are only two nodes. A) mesh B) hierarchical C) bus D) point-to-point Answer: D 46) In the ______________ topology, there is only a single possible path between two end nodes. A) mesh B) hierarchical C) both A and B D) neither A nor B Answer: B 47) In the ______________ topology, there are many possible paths between two end nodes. A) mesh B) hierarchial C) both A and B D) neither A nor B Answer: A 48) Broadcasting is used in the ______________ topology. A) mesh B) hierarchical C) bus D) none of the above Answer: C 49) What topology do radio transmission networks normally use? A) mesh B) hierarchical C) bus D) none of the above Answer: C 50) Which of the following can be used in a complex topology? A) mesh B) hierarchy C) both A and B D) neither A nor B Answer: C 51) Reliability is an advantage of ______________. A) full mesh networks B) pure hub-and-spoke networks C) both A and B D) neither A nor B Answer: A 52) Low cost is an advantage of ______________. A) full mesh leased line networks B) pure hub-and-spoke networks C) both A and B D) neither A nor B Answer: B 53) Which type of network typology is less expensive to operate? A) full mesh leased-line networks B) pure hub-and-spoke leased line networks C) Both A and B cost about the same to operate. Answer: C 54) Most corporate leased line networks are ______________. A) full mesh leased line networks B) pure hub-and-spoke leased line networks C) both of the above D) neither A nor B Answer: D 55) Overprovisioning is ______________. A) wasteful of capacity B) highly labor-intensive C) both A and B D) neither A nor B Answer: A 56) Overprovisioning means ______________. A) assigning high priority to latency-intolerant applications while giving low priority to latency-tolerant applications B) adding much more switching and transmission line capacity than will be needed most of the time Answer: B 57) Overprovisioning is adding much more switching and transmission line capacity than will be needed most of the time. Answer: True 58) Priority is assigning high priority to ______________ applications while giving low priority to ______________ applications. A) latency-tolerant, latency-intolerant B) latency-intolerant, latency-tolerant Answer: B 59) Priority is more labor-intensive than overprovisioning. Answer: True 60) A packet will definitely get through if it has ______________. A) QoS reserved capacity B) high priority C) both A and B Answer: A 61) QoS guarantees help traffic even if the traffic is not given specific QoS guarantees. Answer: False 62) ______________ restricts traffic entering the network at access points. A) Overprovisioning B) Priority C) QoS reservations D) Traffic shaping Answer: D 63) Priority restricts traffic entering the network at access points. Answer: False 64) Traffic shaping can ______________. A) filter out unwanted traffic B) limit some traffic to a certain percentage of total capacity C) both A and B D) neither A nor B Answer: C 65) Traffic shaping can substantially reduce a network's overall traffic. Answer: True 66) ______________ can help reduce the traffic coming into a network. A) Traffic shaping B) Compression C) Both A and B D) Neither A nor B Answer: C 67) To do compression, you need to have compatible equipment at the two ends of the network. Answer: True 68) Data cannot be compressed unless it has redundancy. Answer: True 69) If a product fails to meet minimum requirements, it should be dropped from consideration. Answer: True 70) If a product fails to meet minimum requirements, ______________. A) it should be dropped from further consideration B) it may still be the best product after you have conducted a multicriteria analysis Answer: A 71) A solution fails to be scalable if it is ______________. A) too expensive at higher traffic volumes B) unable to grow to meet higher traffic volume C) both A and B D) neither A nor B Answer: C 72) Firms generally make their own routers and switches, rather than purchasing them. Answer: False 73) Hardware base prices usually give an accurate indication of the actual cost of using the hardware. Answer: False 74) The price of hardware before adding components that will be needed in actual practice is called the ______________ price. A) total B) base C) preliminary D) none of the above Answer: B 75) Which of the following is not one of the categories of SDLC costs? A) hardware costs B) software costs C) carrier costs D) outsourcing development costs Answer: C 76) The cost of a system over its entire life cycle is called the ______________. A) total cost of ownership B) base price C) both A and B D) neither A nor B Answer: A 77) The total cost of ownership is the cost of a system during its systems development life cycle. Answer: False 78) Carrier costs occur during the ______________. A) SLC B) SDLC C) both A and B D) neither A nor B Answer: A 79) Carrier costs are a factor in the systems life cycle. Answer: True 80) The acronym OAM&P stands for ______________. A) organization, authorization, management, and planning B) operations, administration, maintenance, and provisioning C) operations, administration, management, and provisioning D) organization, administration, maintenance, and planning Answer: B 81) Operations manages the network on a second-by-second basis. Answer: True 82) ______________ is managing the network on a second-by-second basis. A) Operations B) Administration C) Provisioning D) Maintenance Answer: A 83) Provisioning is setting up service. Answer: True 84) Operations is setting up service. Answer: False 85) Reprovisioning may be necessary when ______________. A) a user changes jobs within the firm B) a user joins a project team C) both A and B D) neither A nor B Answer: C 86) Reprovisioning may be necessary when a user leaves the company entirely. Answer: False 87) Deprovisioning may be necessary when ______________. A) a user joins a project team B) a user leaves the company entirely C) both A and B D) neither A nor B Answer: B 88) Making purchases is a function of ______________. A) operations B) administration C) provisioning D) maintenance Answer: B 89) Which of the following is not one of the main elements in SNMP? A) the manager B) managed devices C) the management information base D) All of the above are main elements in SNMP. Answer: D 90) In SNMP, the manager communicates directly with a(n) ______________. A) managed device B) agent C) both of the above D) neither A nor B Answer: B 91) In SNMP, the manager communicates directly with a managed device. Answer: False 92) SNMP Get commands ask agents for information about the managed device. Answer: True 93) SNMP Set commands can ______________. A) ask agents for information about the managed device B) reroute traffic C) both A and B D) neither A nor B Answer: B 94) SNMP ______________ commands can change how managed devices operate. A) Get B) Set C) both A and B D) neither A nor B Answer: B 95) The SNMP manager stores the information it receives from Get commands ______________. A) in the MIB B) on the agent C) on the managed device D) in the cloud Answer: A 96) SNMP agents can initiate ______________. A) Get commands B) Set commands C) traps D) all of the above Answer: C Test Bank for Business Data Networks and Security Raymond R. Panko, Julia L. Panko 9780132742931, 9780133544015, 9780134817125
Close