This Document Contains Chapters 1 to 12 Chapter 1 Introduction to Networking Review Questions 1. In the client-server model, what is the primary protocol used for communication between a browser and web server? a. FTP b. TCP c. HTTP d. SSL Answer: c. HTTP 2. Which two encryption protocols might be used to provide secure transmissions for browser and web server communications? a. HTTP and HTTPS b. SSL and TLS c. SSL and HTTP d. TCP and UDP Answer: b. SSL and TLS 3. Which email protocol allows an email client to download email messages to the local computer? a. IMAP4 b. SMTP c. TCP d. POP3 Answer: d. POP3 4. Which email protocol allows an email client to read mail stored on the mail server? a. IMAP4 b. SMTP c. TCP d. POP3 Answer: a. IMAP4 5. Which application embedded in Windows operating systems allows remote control of a computer and uses the RDP secure protocol for transmissions? a. Telnet b. Remote Desktop c. SFTP d. SSH Answer: b. Remote Desktop 6. A network consists of five computers, all running Windows 10 Professional. All the computers are connected to a switch, which is connected to a router, which is connected to the Internet. Which networking model does the network use? a. Star-bus b. Ring c. Hybrid d. Peer-to-peer Answer: d. Peer-to-peer 7. In Question 6, suppose one computer is upgraded from Windows 10 Professional to Windows Server 2016. Which networking model can the network now support that it could not support without the upgrade? a. Hybrid b. Client-server c. Star-bus d. Ring Answer: b. Client-server 8. A network consists of seven computers and a network printer, all connected directly to one switch. Which network topology does this network use? a. Hybrid b. Mesh c. Star-bus d. Star Answer: d. Star 9. In Question 8, suppose a new switch is connected to the first switch by way of a network cable, and three computers are connected to the new switch. Which network topology is now used? a. Hybrid b. Mesh c. Star-bus d. Star Answer: c. Star-bus 10. Which type of address is used at the Transport layer to identify the receiving application? a. IP address b. Port c. MAC address d. Protocol Answer: b. Port 11. What is the name of the domain controller database that Windows Server 2016 uses to store data about user access and resources on the network? Answer: Active Directory 12. What is the fundamental distinction between a Layer 2 switch and a router? Answer: A Layer 2 switch belongs only to its local network, and a router belongs to two or more networks. 13. What is the fundamental distinction between a node and a host? Answer: A host is a computer that hosts a resource on the network, and a node is any computer or device that can be addressed on the network. 14. What is the fundamental distinction between a MAN and a WAN? Answer: A MAN covers a small geographical area, and a WAN covers a large geographical area. 15. What is a message called that is delivered by TCP? What is a message called that is delivered by UDP? At which layer do the two protocols work? Answer: • Segment • Datagram • Transport layer 16. At the Network layer, what type of address is used to identify the receiving host? Answer: IP address 17. At the Data Link layer, which type of network address is used to identify the receiving node? Answer: Physical address, MAC address, hardware address, or Data Link layer address 18. A computer is unable to access the network. When you check the LED lights near the computer’s network port, you discover the lights are not lit. Which layer of the OSI model are you using to troubleshoot this problem? At which two layers does the network adapter work? Answer: • Physical layer • Data Link layer and Physical layer 19. A user complains that he cannot access a particular website, although he is able to access other websites. At which layer of the OSI model should you begin troubleshooting this problem? Answer: Application layer 20. A user complains that Skype drops her videoconference calls and she must reconnect. At which layer of the OSI model should you begin troubleshooting? Which OSI layer is responsible for not dropping the Skype connection? Answer: • Application layer • Session layer Chapter 2 Network Infrastructure and Documentation Review Questions 1. A technician from your ISP has arrived to help you troubleshoot a weak WAN connection. To what location do you take her? a. DF b. Work area c. CEO’s office d. Entrance facility Answer: d. Entrance facility 2. A transceiver was recently damaged by a lightning strike during a storm. How might you decide whether the ISP is responsible for replacing this device, or whether your company must foot the bill? a. Look at whether the device is located on the ISP’s side of the demarc. b. Look at the manufacturer information on the device’s label. c. Look at purchase records for the device to determine when it was acquired. d. Look at what kinds of cables are connected to this device. Answer: a. Look at whether the device is located on the ISP’s side of the demarc. 3. Which of the following devices are you likely to find in the MDF? Choose all that apply. a. Routers b. Switches c. Network printer d. KVM switch Answer: a. Routers, b. Switches, and d. KVM switch 4. Which device converts signals from a campus’s analog phone equipment into IP data that can travel over the Internet? a. VoIP PBX b. VoIP endpoint c. VoIP gateway d. VoIP switch Answer: c. VoIP gateway 5. If you’re shopping for a rack switch, what component on the switch tells you it can be mounted to a rack? a. AC adapter b. Rack ears c. Padded feet d. Large fans Answer: b. Rack ears 6. You need to connect a new network printer to a nearby wall jack. What kind of cable should you use? a. Fiber-optic cable b. Patch cable c. Backbone cable d. Plenum-rated cable Answer: b. Patch cable 7. You’ve decided to run an Nmap scan on your network. What app could you open to perform this task? Choose all that apply. a. Zenmap b. Microsoft Edge c. Command Prompt d. PowerShell Answer: a. Zenmap, c. Command Prompt, and d. PowerShell 8. What type of diagram shows a graphical representation of a network’s wired infrastructure? a. Rack diagram b. Wiring schematic c. Network map d. Network topology Answer: b. Wiring schematic 9. Which of these is considered a secure place to store a list of documented network passwords? a. The CEO’s smartphone b. A sticky note under the keyboard c. A password manager d. The MDF Answer: c. A password manager 10. What is the first step of inventory management? a. Interview users. b. Back up network data. c. List an administrative account’s username and password for each device on a network. d. List all components on the network. Answer: d. List all components on the network. 11. There is only one ________ per network, but there can be many ________ connecting internal portions of the network. Answer: MDF, IDFs 12. Why is it important to use a structured cabling standard when installing and managing cabling systems? Answer: The standard suggests how networking media can best be installed to maximize performance and minimize upkeep. 13. Why is it important to use plenum-rated cabling in the area above the ceiling tile? Answer: A plenum-rated cable is coated with a flame-resistant jacket that produces less smoke than regular cable coated with PVC (polyvinyl chloride). In the event of a fire, smoke produced by plenum cabling is less toxic than that produced by PVC cabling. 14. What is the unit of measurement that defines the space available in a rack? How tall are standard racks? Answer: Rack unit; the industry standard height is 42U (about 6 feet) 15. Why is it important to minimize cable clutter in a rack? Answer: To help prevent airflow blockages and heat buildup 16. What are some elements that are typically included in network diagrams? Answer: Answers may include: physical layout, logical topology, IP address reserves, names of major network devices, and types of transmission media 17. How can you go about gathering the information needed to assemble a thorough operations manual? Answer: Answers may include: visits to data rooms, an examination of servers and desktops, a review of receipts for software and hardware purchases, and the use of a protocol analyzer or network management software package 18. List some good names for devices on your home network or on the network in your school’s lab. Demonstrate the use of best practices when creating a naming scheme for devices on a computer network. Answer: Answers may vary. • Office-Printer-01: Clearly indicates the device type and its location. • Lab-PC-Research-02: Identifies the lab setting and specific function of the PC. • Living Room-Smart TV: Combines room designation with device type for easy identification. • Kitchen-Speaker-01: Helps in locating devices based on their function and physical placement. • Server-DataBackup-01: Indicates the device’s purpose and ensures a systematic numbering system. Using clear, descriptive names helps with organization and management, making it easier to identify and troubleshoot devices. 19. For what time period should you schedule a network change? Answer: During off-hours (unless it’s an emergency) 20. In a large organization, how do you typically request permission to perform a network change? Answer: Submit a change request document. Chapter 3 Addressing on Networks Review Questions 1. Which part of a MAC address is unique to each manufacturer? a. The network identifier b. The OUI c. The device identifier d. The physical address Answer: b. The OUI 2. What type of device does a computer turn to first when attempting to make contact with a host with a known IP address on another network? a. Default gateway b. DNS server c. Root server d. DHCP server Answer: a. Default gateway 3. What decimal number corresponds to the binary number 11111111? a. 255 b. 256 c. 127 d. 11,111,111 Answer: a. 255 4. Suppose you send data to the 11111111 11111111 11111111 11111111 IP address on an IPv4 network. To which device(s) are you transmitting? a. All devices on the Internet b. All devices on your local network c. The one device that is configured with this IP address d. No devices Answer: b. All devices on your local network 5. When your computer first joins an IPv6 network, what is the prefix of the IPv6 address the computer first configures for itself? a. FF00::/8 b. 2001::/64 c. 2001::/3 d. FE80::/10 Answer: d. FE80::/10 6. If you are connected to a network that uses DHCP, and you need to terminate your Windows workstation’s DHCP lease, which command would you use? a. ipconfig /release b. ipconfig /renew c. ifconfig /release d. ifconfig /renew Answer: a. ipconfig /release 7. Which of these commands is available only in Linux? a. ping b. ipconfig c. dig d. nslookup Answer: c. dig 8. Which computers are the highest authorities in the Domain Name System hierarchy? a. Authoritative name servers b. Root servers c. Top-level domain servers d. Primary DNS servers Answer: b. Root servers 9. You have just brought online a new secondary DNS server and notice your network-monitoring software reports a significant increase in network traffic. Which two hosts on your network are likely to be causing the increased traffic and why? a. The caching and primary DNS servers, because the caching server is requesting zone transfers from the primary server b. The secondary and primary DNS servers, because the secondary server is requesting zone transfers from the primary server c. The root and primary DNS servers, because the primary server is requesting zone transfers from the root server d. The web server and primary DNS server, because the web server is requesting zone transfers from the primary DNS server Answer: b. The secondary and primary DNS servers, because the secondary server is requesting zone transfers from the primary server 10. Which type of DNS record identifies an email server? a. AAAA record b. CNAME record c. MX record d. PTR record Answer: c. MX record 11. What is the range of addresses that might be assigned by APIPA? Answer: 169.254.0.1 through 169.254.255.254 12. You are the network manager for a computer training center that allows students to bring their own laptops to class for learning and taking notes. Students need access to the Internet, so you have configured your network’s DHCP server to issue IP addresses automatically. Which DHCP option should you modify to make sure you are not wasting addresses used by students who have left for the day? Answer: Lease time 13. You have decided to use SNAT and PAT on your small office network. At minimum, how many IP addresses must you obtain from your ISP for all five clients in your office to be able to access servers on the Internet? Answer: 1 14. How many bits does an IPv6 address contain? Answer: 128 bits 15. FTP sometimes uses a random port for data transfer, but an FTP server always, unless programmed otherwise, listens to the same port for session requests from clients. What port does an FTP server listen on? Answer: 21 16. You issue a transmission from your workstation to the following socket on your LAN: 10.1.1.145:110. Assuming your network uses standard port designations, what Application layer protocol handles your transmission? Answer: POP3 17. Suppose you want to change the default port for RDP as a security precaution. What port does RDP use by default, and from what range of numbers should you select a private port number? Answer: 3389; 49152 through 65535 18. You have just set up a new wireless network at your house, and you want to determine whether your Linux laptop has connected to it and obtained a valid IP address. What command will give you the information you need? Answer: ifconfig -a 19. While troubleshooting a network connection problem for a coworker, you discover the computer is querying a non-existent DNS server. What command-line utility can you use to assign the correct DNS server IP address? Answer: nslookup (in interactive mode) 20. When running a scan on your computer, you find that a session has been established with a host at the address 208.85.40.44:80. Which Application layer protocol is in use for this session? What command-line utility might you use to determine which computer is the host? Answer: • Port 80 indicates this an HTTP session. • nslookup can identify the domain name of the host at that IP address Chapter 4 Network Protocols and Routing Review Questions 1. Which protocol’s header would a Layer 4 device read and process? a. IP b. TCP c. ARP d. HTTP Answer: b. TCP 2. What field in a TCP segment is used to determine if an arriving data unit exactly matches the data unit sent by the source? a. Source port b. Acknowledgement number c. DiffServ d. Checksum Answer: d. Checksum 3. At which OSI layer does IP operate? a. Application layer b. Transport layer c. Network layer d. Data Link layer Answer: c. Network layer 4. Which OSI layer is responsible for directing data from one LAN to another? a. Transport layer b. Network layer c. Data Link layer d. Physical layer Answer: b. Network layer 5. What kind of route is created when a network administrator configures a router to use a specific path between nodes? a. Trace route b. Static route c. Default route d. Best path Answer: b. Static route 6. When a router can’t determine a path to a message’s destination, where does it send the message? a. Default gateway b. Routing table c. Administrative distance d. Gateway of last resort Answer: d. Gateway of last resort 7. A routing protocol’s reliability and priority are rated by what measurement? a. Routing table b. MTU c. Latency d. AD Answer: d. AD 8. Which routing protocol does an exterior router use to collect data to build its routing tables? a. RIPv2 b. BGP c. OSPF d. IP Answer: b. BGP 9. What is the Internet standard MTU? a. 65,535 bytes b. 1,522 bytes c. 1,500 bytes d. 9,198 bytes Answer: c. 1,500 bytes 10. Which two protocols manage neighbor discovery processes on IPv4 networks? a. ICMP and ARP b. IPv4 and IPv6 c. TCP and UDP d. BGP and OSPF Answer: a. ICMP and ARP 11. What three characteristics about TCP distinguish it from UDP? Answer: TCP is connection-oriented, uses sequencing and checksums, and provides flow control. 12. What process is used to establish a TCP connection? Answer: Three-way handshake 13. What is the difference between dynamic ARP table entries and static ARP table entries? Answer: Dynamic ARP table entries are created when a client makes an ARP request, whereas static ARP table entries are entered manually using the ARP utility. 14. Which two fields in an Ethernet frame help synchronize device communications but are not counted toward the frame’s size? Answer: Preamble and SFD 15. What four functions do all routers perform? Answer: 1. Connect dissimilar networks. 2. Interpret Layers 3 and 4 addressing and other information. 3. Determine the best path for data to follow. 4. Reroute traffic if a primary path is down but another path is available. 16. What database does a router consult before determining the most efficient path for delivering a message? Answer: Its routing table 17. Give three examples of routing metrics used by routers to determine the best of various available routing paths. Answer: (Any three) Hop count, theoretical bandwidth, actual throughput, path latency (or delay), path load, MTU, cost, reliability, network topology 18. List three IGPs (interior gateway protocols). Answer: (Any three) RIP, RIPv2, OSPF, IS-IS, EIGRP 19. Which Linux utility provides output similar to Wireshark’s? Answer: tcpdump 20. Which protocol is supported by ICMPv6 to facilitate neighbor discovery on an IPv6 network? Answer: NDP (Neighbor Discovery Protocol) Chapter 5 Network Cabling Review Questions 1. Which transmission characteristic is never fully achieved? a. Latency b. Throughput c. Bit rate d. Bandwidth Answer: d. Bandwidth 2. Which kind of crosstalk occurs between wire pairs near the source of the signal? a. Alien b. Tx/Rx reverse c. FEXT d. NEXT Answer: d. NEXT 3. Which kind of multiplexing assigns slots to nodes according to priority and need? a. WDM (wavelength division multiplexing) b. STDM (statistical time division multiplexing) c. TDM (time division multiplexing) d. CWDM (coarse wavelength division multiplexing) Answer: b. STDM (statistical time division multiplexing) 4. What kind of cable uses BNC connectors? Which connector is likely to be used by cable TV? a. Coaxial cable, F-connector b. Twisted-pair cable, RJ-11 c. Copper cable, RJ-45 d. Fiber-optic cable, MTRJ Answer: a. Coaxial cable, F-connector 5. Which of these categories of twisted-pair cable can support Gigabit Ethernet? a. Cat 5, Cat 6, Cat 7 b. Cat 5e, Cat 6, Cat 3 c. Cat 5e, Cat 6a, Cat 7 d. Cat 6, Cat 7a, Cat 5 Answer: c. Cat 5e, Cat 6a, Cat 7 6. Suppose you’re creating patch cables to be used in a government office. What color wire goes in the first pin? a. White/orange b. White/green c. Brown d. Blue Answer: b. White/green 7. What is the earliest twisted-pair cabling standard that meets the minimum requirements for 10GBase-T transmissions? a. Cat 5e b. Cat 5 c. Cat 6a d. Cat 7 Answer: c. Cat 6a 8. What type of fiber cable problem is caused when pairing a 50-micron core cable with a 62.5-micron core cable? a. Dirty connectors b. Wavelength mismatch c. Fiber type mismatch d. Tx/Rx reverse Answer: c. Fiber type mismatch 9. Which part of a toner and probe kit emits an audible tone when it detects electrical activity on a wire pair? a. TDR b. Tone generator c. Tone locator d. Toner Answer: c. Tone locator 10. Which fiber connector contains two strands of fiber in each ferrule? a. MTRJ b. SC c. ST d. LC Answer: MTRJ 11. How is latency measured, and in what unit? Answer: By calculating a packet’s RTT, or the length of time it takes for a packet to go from sender to receiver, then back from receiver to sender. RTT is usually measured in milliseconds. 12. What is a twist ratio, and why is it important? Answer: Twist ratio is the number of twists per meter or foot. The more twists per foot in a pair of wires, the more resistant the pair will be to crosstalk or noise. 13. What fiber is used in fiber-optic cabling to protect the inner core and prevent the cable from stretching? Answer: Kevlar, a polymeric fiber 14. What characteristic of optical transmissions is primarily responsible for the distance limitations of fiber-optic cabling? Answer: Optical loss 15. Why is SMF more efficient over long distances than MMF? Answer: The core of SMF is much narrower than that of MMF, and reflects very little. The light does not disperse as much along the fiber. 16. Why do APC ferrules create less back reflection than UPC ferrules? Answer: The end faces are placed at an angle to each other, so the reflection is sent back in a different direction than the source of the signal. 17. Which fiber transceiver is the same size as SFP transceivers, but can support network speeds over 10 Gbps? Answer: SFP+ 18. Suppose you’re assisting with a cable installation using fiber-optic cabling that will support Gigabit Ethernet. You’re approved to install segments up to 4000 m in length. What kind of cable are you using? Answer: SMF 19. What is the difference between short circuits and open circuits? Answer: A short circuit is one where connections exist in places they shouldn’t, while an open circuit is one where needed connections are missing. 20. What kind of tool can measure the distance to the location of damage in a cable? Answer: Answers may include cable performance tester, line tester, certifier, or network tester. Chapter 6 Wireless Networking Review Questions 1. What is the lowest layer of the OSI model at which wired and wireless transmissions share the same protocols? a. Layer 4 b. Layer 3 c. Layer 2 d. Layer 1 Answer: b. Layer 3 2. What technology does Bluetooth use to take advantage of the 79 channels allocated to the Bluetooth band? a. ZigBee b. DSSS c. RTS/CTS d. FHSS Answer: d. FHSS 3. Which one of the following wireless transmission types requires a clear LOS to function? a. Bluetooth b. NFC c. Infrared d. Wi-Fi Answer: c. Infrared 4. Which Bluetooth class has the highest power output? a. Class 1 b. Class 2 c. Class 3 d. They all have equal power output Answer: a. Class 1 5. A hacker takes advantage of an open Bluetooth connection to send a virus to a user’s smartphone. What kind of security breach has occurred? a. Data breach b. Bluejacking c. War driving d. Bluesnarfing Answer: d. Bluesnarfing 6. A user swipes her smartphone across a tag on a poster to obtain showtimes for a movie she wants to see later that evening. What wireless technology transmitted the data? a. NFC b. Bluetooth c. Z-Wave d. ANT+ Answer: a. NFC 7. Which 802.11 standard functions in both the 2.4-GHz and 5-GHz bands? a. 802.11g b. 802.11ac c. 802.11b d. 802.11n Answer: d. 802.11n 8. Which Carrier Sense technology is used on wireless networks to reduce collisions? a. CSMA/CD b. 802.11 c. CSMA/CA d. SSID Answer: c. CSMA/CA 9. You’ve just completed a survey of the wireless signals traversing the airspace in your employer’s vicinity, and you’ve found an unauthorized AP with a very strong signal near the middle of the 100-acre campus. What kind of threat do you need to report to your boss? a. Rogue AP b. War driving c. Bluesnarfing d. Hidden node Answer: a. Rogue AP 10. You just settled in for some study time at the local coffee shop, and you pause long enough to connect your smartphone to the Wi-Fi so you can listen to some music while you study. As you’re about to sign in, you realize that you clicked on an SSID called “Free Coffee and Internet.” What kind of security trap did you almost fall for? a. Guest network b. Bluejacking c. Evil twin d. Brute force attack Answer: c. Evil twin 11. To exchange information, two antennas must be tuned to the same __________. Answer: Frequency or channel 12. Which kind of antenna is used in a point-to-point link, especially over long distances? Answer: Unidirectional or directional 13. When a wireless signal encounters a large obstacle, what happens to the signal? Answer: The signal reflects, or bounces back, toward its source. 14. Signals traveling through areas in which many wireless communications systems are in use will exhibit a lower _______________ due to the higher proportion of noise. Answer: Signal-to-noise ratio 15. Which Wi-Fi frequency band offers 24 unlicensed communications channels in the United States? Answer: 5 GHz band 16. Why do wireless networks experience a greater reduction in throughput compared with wired networks? Answer: Wireless networks experience a high number of collisions and require greater overhead on each transmission, resulting in a significant reduction in throughput compared to wired networks. 17. Which IoT wireless standard is used to sync data from a smartwatch, bike computer, and smart phone to a single user account? Answer: ANT+ 18. 802.11ac provides an advantage over 802.11n by incorporating increased channel bonding capabilities. What size channels does 802.11ac support? Answer: 20, 40, 80, and (optional) 160 MHz channels 19. What feature of a site survey maps the Wi-Fi signals and other noise in your location? Answer: Heat map 20. You’re setting up a home network for your neighbor, who is a music teacher. She has students visiting her home regularly for lessons and wants to provide Internet access for their parents while they’re waiting on the children. However, she’s concerned about keeping her own data private. What wireless feature can you configure on her AP to meet her requests? Answer: A guest network Chapter 7Virtualization and Cloud Computing Review Questions 1. What software allows you to define VMs and manage resource allocation and sharing among them on a host computer? a. Hypervisor b. NFV (Network Functions Virtualization) c. SDN (software-defined networking) d. Terminal emulation Answer: a. Hypervisor 2. What virtual, logically defined device operates at the Data Link layer to pass frames between nodes? a. Virtual firewall b. Virtual switch c. Virtual router d. Virtual load balancer Answer: b. Virtual switch 3. With which network connection type does the VM obtain IP addressing information from its host? a. Bridged mode b. Managed mode c. NAT mode d. Host-only mode Answer: c. NAT mode 4. Which cloud computing services model gives software developers access to multiple operating systems for testing? a. IaaS b. PaaS c. SaaS d. XaaS Answer: b. PaaS 5. What service in Windows Server 2016 authenticates remote users and computers to the Windows domain and its corporate network resources? a. Active Directory b. Group Policy c. DirectAccess d. RAS (Remote Access Service) Answer: c. DirectAccess 6. Which remote access protocol is used over an Ethernet network? a. PPPoE b. RAS c. PPP d. SLIP Answer: a. PPPoE 7. Which encryption protocol does GRE use to increase the security of its transmissions? a. SSL b. SFTP c. IPsec d. SSH Answer: c. IPsec 8. Which tunneling protocol is a component of the IPsec protocol suite? a. L2TP b. OpenVPN c. PPTP d. IKEv2 Answer: d. IKEv2 9. Which encryption benchmark ensures data is not modified after it’s transmitted and before it’s received? a. Confidentiality b. Integrity c. Availability d. Symmetric Answer: b. Integrity 10. Which remote file access protocol is an extension of SSH? a. SFTP b. TFTP c. FTPS d. HTTPS Answer: a. SFTP 11. List two advantages to using virtualization on a network. Answer: Answers will include two of the following: • Efficient use of resources • Cost and energy savings • Fault and threat isolation • Simple backups, recovery, and replication 12. How does a vNIC get a MAC address? Answer: Upon creation, each vNIC is automatically assigned a MAC address. 13. Which Transport layer protocol does PPTP use? Answer: TCP 14. Which secured tunneling protocol might be able to cross firewalls where IPsec is blocked? Answer: OpenVPN 15. Which type of hypervisor is installed on bare metal? Answer: Type 1 16. When surfing online, you get some strange data on an apparently secure website, and you realize you need to check the legitimacy of the site. What kind of organization issues digital certificates for websites? Answer: CA (Certificate Authority) 17. Which current protocol is used to create secure transmissions for HTTP browsing sessions? Answer: TLS 18. What kind of device can be used to configure and manage physical and virtual networking devices across the network? Answer: SDN controller or network controller 19. Which terminal emulation protocol is similar to RDP but is open source? Answer: VNC (Virtual Network Connection) 20. Which port must be open for RDP traffic to cross a firewall? Answer: 3389 Chapter 8 Subnets and VLANs Review Questions 1. How many bits of a Class A IP address are used for host information? a. 8 bits b. 16 bits c. 24 bits d. 32 bits Answer: c. 24 bits 2. What is the formula for determining the number of possible hosts on a network? a. 2n = Y b. 2n – 2 = Y c. 2h = Z d. 2h – 2 = Z Answer: d. 2h – 2 = Z 3. Which of the following is not a good reason to segment a network? a. To limit access to broadcast domains b. To reduce the demand on bandwidth c. To increase the number of networking devices on a network d. To narrow down the location of problems on a network Answer: c. To increase the number of networking devices on a network 4. What is the least number of bits you would need to borrow from the network portion of a Class B subnet mask to get at least 130 hosts per subnet? a. None b. Eight c. Nine d. Ten Answer: b. Eight 5. What do well-chosen subnets accomplish? a. IP address spaces overlap for easier management. b. Network documentation is easier to manage. c. Routing efficiency is decreased by ensuring IP address spaces are not mathematically related. d. Problems affect the entire network, making them more difficult to pin down. Answer: b. Network documentation is easier to manage. 6. Which formulas can be used to calculate the magic number? Choose two. a. 256 – the interesting octet b. 2h – 2 c. 2n d. 2h Answer: a. 256 – the interesting octet, d. 2h 7. Which hexadecimal block in an IPv6 address is used for the Subnet ID? a. The first one b. The third one c. The fourth one d. The eighth one Answer: c. The fourth one 8. While designing your network’s VLAN topology, your team has decided to use a centrally managed DHCP server rather than creating a separate DHCP server for each VLAN. What software will you need in order to make the central DHCP server accessible across VLANs? a. DHCP relay agent b. DHCP server c. Hypervisor d. Virtual router Answer: a. DHCP relay agent 9. Which port mode on a switch enables that port to manage traffic for multiple VLANs? a. Console b. Ethernet c. Access d. Trunk Answer: d. Trunk 10. Which IEEE standard determines how VLANs work on a network? a. 802.1x b. 802.11 c. 802.3af d. 802.1Q Answer: d. 802.1Q 11. What is the network ID with CIDR notation for the IP address 172.16.32.108 whose subnet mask is 255.255.255.0? Answer: 172.16.32.108/24 12. Suppose your company has leased one Class C license, 120.10.10.0, and wants to sublease the first half of these IP addresses to another company. What is the CIDR notation for the subnet to be subleased? What is the subnet mask for this network? Answer: • 120.10.10.0/23 • 255.255.254.0 13. Subnetting operates at Layer ________ while VLANs function at Layer _______. Answer: • 3 • 2 14. Which VLAN on a switch manages untagged frames? Answer: The native VLAN 15. An attacker configures a VLAN frame with two tags instead of just one. The first tag directs the frame to the authorized VLAN. After the frame enters the first VLAN, the switch appropriately removes the tag, then discovers the next tag, and sends the frame along to a protected VLAN, which the attacker is not authorized to access. What kind of attack is this? Answer: Either VLAN hopping or double tagging is an acceptable answer 16. What area of a network can provide less stringent security so a web server is more accessible from the open Internet? Answer: DMZ (demilitarized zone) 17. On which networking device do you configure VLANs? Answer: Either switch or managed switch is an acceptable answer 18. Which IP addressing technique subnets a subnet to create subnets of various sizes? Answer: VLSM (variable length subnet mask) 19. Which VLAN is designed to support administrative access to networking devices? Answer: Management VLAN 20. Which Cisco command lists configured VLANs on a switch? Answer: show vlan Chapter 9 Network Risk Management Review Questions 1. Your organization has just approved a special budget for a network security upgrade. What procedure should you conduct in order to make recommendations for the upgrade priorities? a. Data breach b. Security audit c. Exploitation d. Posture assessment Answer: d. Posture assessment 2. Which type of DoS attack orchestrates an attack using uninfected computers? a. DDoS (Distributed DoS) attack b. Spoofing attack c. DRDoS (Distributed Reflection DoS) attack d. PDoS (Permanent DoS) attack Answer: c. DRDoS (Distributed Reflection DoS) attack 3. A company accidentally sends a newsletter with a mistyped website address. The address points to a website that has been spoofed by hackers in order to collect information from people who make the same typo. What kind of attack is this? a. Phishing b. Baiting c. Quid pro quo d. Tailgating Answer: a. Phishing 4. A former employee discovers six months after he starts work at a new company that his account credentials still give him access to his old company’s servers. He demonstrates his access to several friends to brag about his cleverness and talk badly about the company. What kind of attack is this? a. Principle of least privilege b. Insider threat c. Vulnerability d. Denial of service Answer: b. Insider threat 5. A spoofed DNS record spreads to other DNS servers. What is this attack called? a. ARP poisoning b. DHCP snooping c. MitM attack d. DNS poisoning Answer: d. DNS poisoning 6. Which of these attacks is a form of Wi-Fi DoS attack? a. Rogue DHCP server b. FTP bounce c. Deauthentication attack d. Amplified DRDoS attack Answer: c. Deauthentication attack 7. Leading up to the year 2000, many people expected computer systems the world over to fail when clocks turned the date to January 1, 2000. What type of threat was this? a. Ransomware b. Logic bomb c. Virus d. Worm Answer: b. Logic bomb 8. What kind of attack simulation detects vulnerabilities and attempts to exploit them? a. Red team-blue team exercise b. Vulnerability scanning c. Security audit d. Penetration testing Answer: d. Penetration testing 9. Which of the following is considered a secure protocol? a. FTP b. SSH c. Telnet d. HTTP Answer: b. SSH 10. A company wants to have its employees sign a document that details some project-related information that should not be discussed outside the project’s team members. What type of document should they use? a. AUP b. NDA c. MDM d. BYOD Answer: b. NDA 11. What is the difference between a vulnerability and an exploit? Answer: A weakness of a system, process, or architecture that could lead to compromised information or unauthorized access is known as a vulnerability. The act of taking advantage of a vulnerability is known as an exploit. 12. What are the four phases in the social engineering attack cycle? Answer: 1) Research. 2) Building trust. 3) Exploit. 4) Exit. 13. List five subtypes of DoS attacks. Answer: Distributed DoS, distributed reflection DoS, amplified DRDoS, permanent DoS, and friendly DoS 14. What type of scanning might identify that Telnet is running on a server? Answer: Port scanning 15. Give an example of biometric detection. Answer: Answers might include iris color patterns, hand geometry, facial recognition, or fingerprints 16. What unique characteristic of zero-day exploits make them so dangerous? Answer: The vulnerability is exploited before the software developer has the opportunity to provide a solution for it or before the user applies the published solution. 17. What characteristic of ARP makes it particularly vulnerable to being used in a DoS attack? Answer: ARP performs no authentication. 18. A neighbor hacks into your secured wireless network on a regular basis, but you didn’t give him the password. What loophole was most likely left open? Answer: The default password was not changed. 19. Which form of SHA was developed by private designers? Answer: SHA-3 20. Why might organizations be willing to take on the risk of BYOD? Answer: BYOD practices can be cheaper for organizations to implement and tend to improve efficiency and morale for employees and students. Chapter 10 Security in Network Design Review Questions 1. At what layer of the OSI model do proxy servers operate? a. Layer 3 b. Layer 2 c. Layer 7 d. Layer 4 Answer: c. Layer 7 2. Which of the following ACL commands would permit web-browsing traffic from any IP address to any IP address? a. access-list acl_2 deny tcp any any b. access-list acl_2 permit http any any c. access-list acl_2 deny tcp host 2.2.2.2 host 3.3.3.3 eq www d. access-list acl_2 permit icmp any any Answer: b. access-list acl_2 permit http any any 3. What kind of firewall blocks traffic based on application data contained within the packets? a. Host-based firewall b. Content-filtering firewall c. Packet-filtering firewall d. Stateless firewall Answer: b. Content-filtering firewall 4. Which of the following features is common to both an NGFW and traditional firewalls? a. Application Control b. IDS and/or IPS c. User awareness d. User authentication Answer: d. User authentication 5. Which NGFW feature allows a network admin to restrict traffic generated by a specific game? a. Content filter b. User awareness c. Context awareness d. Application awareness Answer: d. Application awareness 6. What software might be installed on a device in order to authenticate it to the network? a. Operating system b. Security policy c. NAC (network access control) d. Agent Answer: d. Agent 7. Which of the following is not one of the three AAA services provided by RADIUS and TACACS+? a. Authentication b. Authorization c. Access control d. Accounting Answer: c. Access control 8. What feature of Windows Server allows for agentless authentication? a. AD (Active Directory) b. ACL (access control list) c. IDS (intrusion detection system) d. Network-based firewall Answer: A. AD (Active Directory) 9. Which command on an Arista switch would require an SNMP notification when too many devices try to connect to a port? a. mac-limit b. switchport port-security c. storm-control d. shutdown Answer: b. switchport port-security 10. Active Directory and 389 Directory Server are both compatible with which directory access protocol? a. LDAP b. RADIUS c. Kerberos d. AES Answer: a. LDAP 11. What are the two primary features that give proxy servers an advantage over NAT? Answer: Content filtering and file caching 12. What kinds of issues might indicate a misconfigured ACL? Answer: Connectivity and performance issues between two hosts in which some applications or ports can make the connection while others can’t 13. Any traffic that is not explicitly permitted in the ACL is ___________, which is called the _________________. Answer: denied, implicit deny rule 14. What’s the essential difference between an IPS and an IDS? Answer: An IDS can only detect and log suspicious activity. An IPS can react when alerted to such activity. 15. What causes most firewall failures? Answer: Firewall misconfiguration 16. Why is a BPDU filter needed at the demarc? Answer: The ISP’s STP-related topology information shouldn’t be mixed with a corporate network’s STP-related topology information. 17. Why do network administrators create domain groups to manage user security privileges? Answer: To simplify the process of granting rights to users 18. Only one _______________ exists on a network using STP. Answer: root bridge 19. What kind of ticket is held by Kerberos’ TGS? Answer: TGT (ticket-granting ticket) 20. EAPoL is primarily used with what kind of transmission? Answer: Wireless Chapter 11 Network Performance and Recovery Review Questions 1. While troubleshooting a recurring problem on your network, you will want to examine the TCP messages being exchanged between a server and a client. Which tool should you use? a. Spiceworks b. Wireshark c. Packet Tracer d. VirtualBox Answer: b. Wireshark 2. One of your coworkers downloaded several, very large video files for a special project she’s working on for a new client. When you run your network monitor later this afternoon, what list will your coworker’s computer likely show up on? a. Top talkers b. Top listeners c. Giants d. Jabbers Answer: b. Top listeners 3. What command requests the next record in an SNMP log? a. SNMP Get Request b. SNMP Get Next c. SNMP Trap d. SNMP Get Response Answer: b. SNMP Get Next 4. What port do SNMP agents listen on? a. Port 161 b. Port 21 c. Port 162 d. Port 20 Answer: a. Port 161 5. Your roommate has been hogging the bandwidth on your router lately. What feature should you configure on the router to limit the amount of bandwidth his computer can utilize at any one time? a. Power management b. Port forwarding c. Port mirroring d. Traffic shaping Answer: d. Traffic shaping 6. What field in an IPv4 packet is altered to prioritize video streaming traffic over web surfing traffic? a. Traffic Class b. Priority Code Point c. Time to Live d. DiffServ Answer: d. DiffServ 7. When shopping for a new router, what does the MTBF tell you? a. How long until that device fails b. How much it will cost to repair that device c. How long devices like this one will last on average until the next failure d. How long it will usually take to repair that device Answer: c. How long devices like this one will last on average until the next failure 8. Which of the following features of a network connection between a switch and server is not improved by link aggregation? a. Bandwidth b. Fault tolerance c. Speed d. Availability Answer: c. Speed 9. Which power backup method will continually provide power to a server if the power goes out during a thunderstorm? a. Online UPS b. Generator c. Dual power supplies d. Standby UPS Answer: a. Online UPS 10. Which type of disaster recovery site contains all the equipment you would need to get up and running again after a disaster, and yet would require several weeks to implement? a. Warm site b. Standby site c. Hot site d. Cold site Answer: d. Cold site 11. When you arrive at work one morning, your inbox is full of messages complaining of a network slowdown. You collect a capture from your network monitor. What can you compare it to in order to determine what has changed? Answer: A baseline 12. What file must be accessed in order to analyze SNMP logs? Answer: MIB (Management Information Base) 13. What kinds of alerts can you program your network monitor to send to IT staff when it detects specific, problematic conditions? Answer: Email, text message (SMS), or new support ticket 14. Which QoS technique operates at Layer 2 to more efficiently route Ethernet traffic between VLANs? Answer: CoS (Class of Service) 15. Which fields are modified in IPv4 and IPv6 packets to help prioritize traffic for QoS? Answer: DiffServ for IPv4, Traffic Class for IPv6 16. What protocol is most often used to bond ports between a switch and a busy server? Answer: LACP (Link Aggregation Control Protocol) 17. What type of adapters are required on servers in an FCoE storage network? Answer: CNA (converged network adapter) 18. Why might you want to install two power supplies in a critical server? Answer: If one power supply fails, the other can take over. 19. What are the two main categories of UPSes? Answer: Standby and online 20. What is the primary goal of disaster recovery? Answer: Business continuity Chapter 12 Wide Area Networks Review Questions 1. What is the lowest layer of the OSI model at which LANs and WANs support the same protocols? a. Layer 2 b. Layer 3 c. Layer 4 d. Layer 5 Answer: b. Layer 3 2. An organization can lease a private _________________ that is not shared with other users, or a _________________ that can be physically configured over shared lines in the carrier’s cloud. a. PVC (permanent virtual circuit), SVC (switched virtual circuit) b. SVC (switched virtual circuit), dedicated line c. dedicated line, virtual circuit d. SVC (switched virtual circuit), PVC (permanent virtual circuit) Answer: c. dedicated line, virtual circuit 3. What kind of device can monitor a connection at the demarc but cannot interpret data? a. CSU/DSU b. NID c. NIU d. Smart jack Answer: d. Smart jack 4. What kind of network is the PSTN? a. Packet-switched b. Circuit-switched c. Virtual circuit d. Dedicated line Answer: b. Circuit-switched 5. How many channels are in an ISDN PRI connection? a. 2B+D b. 2D+B c. 23D+B d. 23B+D Answer: d. 23B+D 6. What specifications define the standards for cable broadband? a. ATM b. Digital signal c. ANSI d. DOCSIS Answer: d. DOCSIS 7. ______________ in SONET are analogous to the ________________ of T-carriers. a. Throughput, digital signal levels b. OC levels, digital signal levels c. QoS levels, OC levels d. OC levels, carrier levels Answer: b. OC levels, digital signal levels 8. Which DSL standard has the fastest speeds immediately outside the CO? a. VDSL b. ADSL c. SDSL d. ADSL2+ Answer: a. VDSL 9. What method does a GSM network use to separate data on a channel? a. SIM b. CDMA c. TDMA d. TDM Answer: c. TDMA 10. Where does an MPLS label go in a PDU? a. Layer 1 b. Between Layers 2 and 3 c. Between Layers 1 and 2 d. Layer 3 Answer: b. Between Layers 2 and 3 11. What are two types of virtual circuits? Answer: PVC (permanent virtual circuit) and SVC (switched virtual circuit) 12. What are three examples of Layer 2 LAN or PAN standards that also function at Layer 1? Answer: Answers may vary. Examples might include Ethernet, USB, Wi-Fi, and Bluetooth. 13. What information is typically included in a Layer 1 frame? Answer: A start symbol or short preamble, a length field, the Layer 2 payload, and possibly a marker to end the frame 14. Which ISDN channel carries signaling information? Answer: The Bearer channel (or B channel) 15. What two types of modulation does DSL use to carry data? Answer: Amplitude or phase modulation 16. What device must be installed on a DSL network to protect the sound quality of phone calls? Answer: A splitter 17. What type of network combines fiber with coax? Answer: HFC (hybrid fiber coaxial) 18. What is the maximum capacity of a T1 line? Answer: 1.544 Mbps 19. Which protocol can provide VoIP services over a Metro Ethernet connection? Answer: SIP 20. How large is an ATM cell? Answer: 53 bytes Solution Manual for Network+ Guide to Networks Jill West, Tamara Dean, Jean Andrews 9781337569330, 9781133608196
Download
Close
Close
