Advertisement Upgrade to remove ads

What is the main difference between RIP and RIPv2

Rip is a classfull and RIPv2 is a classless protocol

Which protocol has a limit of 15 hops between any two networks?

RIP

You have a router configured to share routing information using RIP. In addition, you have a single static route that identifies a default route for all other networks. The next hop router for the default rout has changed you need to make the change with the least amount of effort possible. What should you do?

Manually reconfigure the default route to point to the new next hop router.

What terms are synonymous with or made possible with CIDR

Classless
VLSM (variable lenght subnet mask)

What routing protocol is classified as a balanced Hybrid routing protocol?

EiGRP

A router is connected to network 192.168.1.0/24. The router is configured to use RIP and has learned of networks 192.168.3.0/24. there is no default route configured on the router.

The router receives a packet address to network 10.1.0.0/16. What will the router do with the packet?

drop the packet

YOu have a network configured to use the OSPF routeing protocol. What describes the state when all OSPF routers have learned about all other routes in the network?

convergence

RIP uses?

hop counts as the cost metric

What routing protocols divides the network into areas, with all networks required to have an area 0?

OSPF

Under which circumstance might you implement BGP on your company network and share routes with Internet router?

It the network is connected to the Internet using multiple ISPs

What are the difference between OSPF and IS-IS

OSPF requires and area 0, while IS-IS does not

What describes OSPF?

OSPF is a classless link-state protocol.

YOu have a private network connected to the Internet. Your routers will not share routing information about you private network with Internet routers.
Which of the following best describes the type of routing protocol you would use?

IGP Interior Gateway Protocol

What information does the next hop entry in a routing table identify?

The first router in the path to the destination network.

You manage a server that uses an IP address of 192,168,255.188 with a mask of 255.255.0.0. Which of the following describes the address type?

classless

Which of the following is a characteristic of static routing when compared to dynamic routhing?

all routes must be manually updated on the route.

a router is connected to network 192.128.1.0/24. The router is configured to use RIP and has learned of networks 192.168.3.0/24.
The next hop router for network 192.168.3.0/24 has changed. You nedd to make the change with the least amount of effort possible. What should you do?

Wait for convergence to take place.

What routing rpotocols are classified as lin state routing protocols

IS-IS
OSPF

Which of the following routing protocols is used by routers on the Internet for learning and sharing routes?

BGP

You need to enable hosts on your network to find the IP address of logical names such as srv1.myserver.com. What device would you use?

DNS server

You want to implement a protocol on your network that allows computers to find the IP address of a host from a logical name. What protocol should you implement?

DNS

What is the purpose of using subnets?

Subnets divide an IP network into multiple network addresses.

Which of the following are frequencies defined by 802.11 committees for wireless networking?

2.3GHz

You have been contracted by OsCorp to recommend a wireless Internet solution. The wireless strategy must support a transmission range of 150 feet, use a frequency range of 2.4GHz and provide the highest possible transmission speeds.

802.11g

Which IEEE wireless standards specify transmission speeds up to 54Mbps

802.11g
802.11a

You are designing a wireless network for a client. You client needs the network to support a data rate of at least 54Mbps. In addition, the client already has a wireless telephone system installed that operates 2.4 GHz.

802.11a

Which IEE standard describes wireless communication?

802.11b

How many total channels are available for 802.11a?

23

you are designing an update to your clients wireless network. The existing wireless network uses 803.11b equipment; which your client complains runs to slowly. She wants to upgrade the network to run at 54Mbps.
Due to budget constraints, your client wants to upgrade only the wireless access points in the network this year. Next year, she will upgrade the wireless network boards in her users' workstations. She has also indicated the the system must continue to function during the transition period. Which 802.11 standard will work best in the situation?

802.11g

How many total channels are available for 802.11g wireless networks

11

Which data transmission rate is defined by the IEEE 802.11b wireless standard

11Mbps

What is the frequency fo 802.11a networking

5.75GHz

All of the 802.11 standards for wireless networking support which type of communication path sharing technology?

CSMA/CA
carrier sense multiple access with collision avoidance
system asks for permission to transmit
a designated authority (hub, router, access point) grants access when the communication medium is free
the system transmits data and waits for an ACK (acknowledgment)
If no ACK is received the data is retransmitted

Polling

is a mechanism where one system is labeled as the primary system. The primary system polls each secondary system in turn to inquire whether they have data transmit

Token passing

is a mechanism that uses a digital pass card, only the system holding the token is allowed to communicate

CSMA/CD

is the technology used by Ethernet:
listens for traffice, if the line is clear it begins transmitting
system listens for collisions
no collision, the communication succeeds. if collision are detected, an interrupt jam signal is broadcast to stop all transmissions. Each system waits a random amount of time before re-transmission

In Virtualizaiton, what is the role of the hypervisor?

A hypervisor allows virtual machines to interact with the hardware without going through the host operating system.

Which component is most likely to allow physical and virtual machines to communicate with each other?

Virtual switch
allow multiple vitual servers to communicate on virtual network segments or the physical network

what protocol is used with VoIP

SIP: session initiation protocol set up, maintain and teardown redirect call
RTP: Real time protocol (packets contain the actual voice data:

What features is used with digital IP phones to supply power through a switch port?

PoE
Power over ethernet

What protocol is used by VoIP to set up, maintain, and terminate a phone call?

SIP

you have a computer that is connected to the Internet through a NAT router. You want to use a private addressing scheme for you computer. What IP addresses could you assign to the computer?

10.0.12.15
172.18.188.67
192.168.12.253

What is not one of the ranges of IP address defined in RFC 1918 that are commonly used behind a NAT server:

169.254.0.1-169.254.255.254

what associates a port number with a host on a private network?

PAT

You have a small network at home that is connected to the Internet. On your home network you have a server with the IP address 192.168.55.199/16. You have a single public address that is shared by all hosts on your private network. You want to configure the server as a Web server and allow Internet hosts to contact the server to browse a personal web site.
What should you use to allow access?

Static NAT

Multicast

224.0.0.0 to 239.255.255.255.

IGMP snooping on a switch

allows the switch to control which ports get IGMP traffic for a specific group. With IGMP snooping, the switch identifies which ports include members of a specific multicast group. When a message is received for a group, the message is sent only to the ports that have a group member connected.

broadcasting,

a single packet is sent to the broadcast address and is processed by all hosts.

paravirtualization

hardware is not virtualized.

Network as a Service (NaaS)

Network as a Service (NaaS) is similar to the offsite virtual network in that the servers and desktops are all virtualized and managed by a contracted third-party. Be aware of the following:

NaaS virtualizes the entire network infrastructure; all physical wiring for the network is virtual and is run at the service provider's site.
A basic network is implemented on the contracted site in order to get out to the service provider's site.
Typically, all administration tasks of the network are handled by the service provider.

Signaling Method

Frequency Hopping Spread Spectrum (FHSS)
Direct-Sequence Spread Spectrum (DSSS)

Direct-Sequence Spread Spectrum (DSSS)

The transmitter breaks data into pieces and sends the pieces across multiple frequencies in a defined range. DSSS is more susceptible to interference and less secure then FHSS.

Frequency Hopping Spread Spectrum (FHSS)

FHSS uses a narrow frequency band and 'hops' data signals in a predictable sequence from frequency to frequency over a wide band of frequencies.

Because FHSS shifts automatically between frequencies, it can avoid interference that may be on a single frequency.
Hopping between frequencies also increases transmission security by making eavesdropping and data capture more difficult.

Ad hoc Topology

An ad hoc network works in peer-to-peer mode. The wireless NICs in each host communicate directly with one another. An ad hoc network:

Works in peer-to-peer mode without an access point (the wireless NICs in each host communicate directly with one another).
Uses a physical mesh topology with a logical bus topology.
Is cheap and easy to set up.
Cannot handle a large number of hosts.
Requires special modifications to reach wired networks.

You will typically only use an ad hoc network to create a direct, temporary connection between two hosts.

Infrastructure Topology

An infrastructure wireless network employs an access point (AP) that functions like a hub on an Ethernet network. With an infrastructure network:

The network uses a physical star topology with a logical bus topology.
You can easily add hosts without increasing administrative efforts (scalable).
The access point can be easily connected to a wired network, allowing clients to access both wired and wireless hosts.
The placement and configuration of access points require planning to implement effectively.

You should implement an infrastructure network for all but the smallest of wireless networks.

Wireless networks use Carrier Sense Multiple Access/Collision Avoidance (CSMA/CA)

to control media access and avoid (rather than detect) collisions. Collision avoidance uses the following process:

The sending device listens to make sure that no other device is transmitting. If another device is transmitting, the device waits a random period of time (called a backoff period) before attempting to send again.
If no other device is transmitting, the sending device broadcasts a Request-to-send (RTS) message to the receiver or access point. The RTS includes the source and destination, as well as information on the duration of the requested communication.
The receiving device responds with a Clear-to-send (CTS) packet. The CTS also includes the communication duration period. Other devices use the information in the RTS and CTS packets to delay attempting to send until the communication duration period (and subsequent acknowledgement) has passed.
The sending device transmits the data. The receiving device responds with an acknowledgement (ACK). If an acknowledgement is not received, the sending device assumes a collision and retransmits the affected packet.
After the time interval specified in the RTS and CTS has passed, other devices can start the process again to attempt to transmit.

Wireless communication operates in half-duplex (shared, two-way communication)

Devices can both send and receive, but not at the same time. Devices must take turns using the transmission channel. Typically, once a party begins receiving a signal, it must wait for the transmitter to stop transmitting before replying.

Devices on a wireless network include:

A wireless NIC for sending and receiving signals.
A wireless access point (AP) is the equivalent of an Ethernet hub. The wireless NICs connect to the AP, and the AP manages network communication.
A wireless bridge connects two wireless APs into a single network or connects your wireless AP to a wired network. Most APs today include bridging features.

Many wireless access points include ports (or hubs, switches, or routers) to connect the wireless network to the wired portion of the network.

Station (STA)

An STA is a wireless network card (NIC) in an end device such as a laptop or wireless PDA. STA often refers to the device itself, not just the network card.

Access Point (AP)

An access point (AP), sometimes called a wireless access point, is the device that coordinates all communications between wireless devices as well as the connection to the wired network. It acts as a hub on the wireless side and a bridge on the wired side. It also synchronizes the stations within a network to minimize collisions.

Basic Service Set (BSS)

A BSS, also called a cell, is the smallest unit of a wireless network. All devices in the BSS can communicate with each other. The devices in the BSS depend on the operating mode:

In an ad hoc implementation, each BSS contains two devices that communicate directly with each other.
In an infrastructure implementation, the BSS consists of one AP and all STAs associated with the AP.

All devices within the BSS use the same radio frequency channel to communicate.

Independent Basic Service Set (IBSS)

An IBSS is a set of STAs configured in ad hoc mode.

Extended Service Set (ESS)

An ESS consists of multiple BSSs with a distribution system (DS). The graphic above is an example of an ESS. In an ESS, BSSs that have an overlapping transmission range use different frequencies.

Distribution System (DS)

The distribution system (DS) is the backbone or LAN that connects multiple APs (and BSSs) together. The DS allows wireless clients to communicate with the wired network and with wireless clients in other cells.

Service Set Identifier (SSID)

he Service Set Identifier (SSID), also called the network name, groups wireless devices together into the same logical network.

All devices on the same network (within the BSS and ESS) must have the same SSID.
The SSID is a 32-bit value that is inserted into each frame. The SSID is case-sensitive.
The SSID is sometimes called the ESS ID (Extended Service Set ID) or the BSS ID (Basic Service Set ID). In practice, each term means the same thing. Note: Using BSS ID to describe the SSID of a BSS is technically incorrect.

Basic Service Set Identifier (BSSID)

Basic Service Set Identifier (BSSID)

...

Basic Service Set Identifier (BSSID)

The BSSID is a 48-bit value that identifies an AP in an infrastructure network or a STA in an ad hoc network. The BSSID allows devices to find a specific AP within an ESS that has multiple access points, and is used by STAs to keep track of APs when roaming between BSSs. The BSSID is the MAC address of the access point and is set automatically.

Note: Do not confuse the BSSID with the SSID. They are not the same thing.

What type of virtualization completely simulates a real physical host

Full virtualization

Wireless clients seem to take a long time to find the wireless access point You want to reduce the time it takes for the clients to connect

Decrease the beacon interval

You want to connect your client computer to a wireless access point connected to your wired network at work. The network administrator tells you that the access point is configured to use WPA2 personal with the strongest encryption method possible . SSID broadcast is turned on. What must you configure manually on the client

preshared key
AES

You adminster a network with windows 2000 and UNIX servers, and windows 2000 professional, windows 98 and macintosh clients. A user of Windows 98 computer calls you one day and says he is unable to access resources on the network. You type ipconfig on the user's computer and receive the following output:
0 Ethernet adapter:
IP address........:169.254.1.17
Subnet Mask....:255.255.0.0
default Gateway:
you also check you NIC and see the link light on.
what might be the problem?

Unavailable DHCP Server

You manage a network with two switches. The seitches are connected together through their Gigabit Ethernet uplink ports. You define VLAN 1 and VLAN 2 on each switch. A device on the first switch in VLAN 1 needs to communicate with a device on the second switch also in VLAN 1
What should you configure to allow communication between these two devices through the switches?

Trunking
a trunk port is used to connect two switches together

You have decided to implement a remote access solution that uses multiple remote access servers. You want to implement RADIUS to /centralize remote access authentication and authorization.
What is required part of your configuration?

Configure the remote access servers as Radius clients

what are characterisitcs of TACACS+

Allows for possible of three different servers, one each for authentication, authorizaiton, and accounting
uses TCP

You have a small home wireless network that uses WEP. The access point is configured as the DHCP server and a NAT router that connects to the Internet. You do not have a RADIUS server. What authenticaiton method should you choose?

Open

you have purchased a used wireless point and want to set up a small wireless network at home. The access point only supports WEP.
You want to configure the most secure settings on the access point. Which of the following would you configure?

Open authentication
preshared Key

You need to configure a wireless network. You want to use WPA Enterprise. Which of the following components will be part of your design?

TKIP encryption
802.1x

you have a small wireless network that uses multiple access points. The network currently uses WEP YOu want to connect a laptop computer to the wireless network. Which of the following parameters will you need to configure on the laptop?

SSID
Preshared Key

On wireless networks, which technology is employed to provide the same type of protection that cables provide on a wired netwrork?

WEP

On a wireless network that is employing WEP, which type of user is allowed to authenticate through the access points?

users with the correct WEP key

What protocols or mechanisms is not used to proved security on a wireless network?

RDP
remote desktop protocol

You need to add security for your wireless network. You would like to use the most secure method

WPA2

What specifications identify security that can be added to wireless networks?

802.1x
802.11i

You want to implement 802.1x authentication on your wireless network. Where would you configure passwords that are used for authentication?

On a RADIUS server

What wireless security methods uses a common shared key configured on the wireless access point and all wireless clients:

WEP, WPA personal, WPA2 personal

you want to implement 802.1x authentication on you wireless network. What will be required?

RADIUS

What encryption method isused by WPA for wireless networks?

TKIP

You have a group of salesmen who would like to access your private network through the Internet while they are traveling. You want ot control access to the private network through a single server.

VPN concentrator

What network layer protocol provides authentication and encryption services for IP based network traffic?

IPsec

You want to allow traveling users to connect to your private network through the internet. Users will connect from various locations including airports, hotels, and public access points such as coffee shops and libraries. As such, you won't be able to configure the firewalls that might be controlling access to the internet in these locations. What protocol would be most likely to be allowed throught he wides number of firewalls?

SSL

VPN is used primarily for what purpose

Support secured communications over an untrusted network

You are in the middle of a big project at work. all of your work files are on a server at the office. You want to be able to access the server desktop, open and edit files, save the files on the server, and print files to a printer connected to a computer ate home.
What protocol should you use?

RDP,
Remote desktop protocol

IPSec is implemented through two separate protocols. what are these protocols called?

AH-provides authentication and non-repudiation services
ESP provide data encryption services for the data packet

What protocols can your portable computer use to connect to your company's network via a virtual tunnel through the internet?

PPTP
L2TP
VPN protocols that allow company access on a public Network

YOu want to use a protocol that can encapsulate other LAN protocols and carry the data securely over an IP network. What protocol is suitable for this task?

PPTP

You have just installed a packet-filtering firewall on your network. What options will you be able to set on your firewall?

source address of a packet
destination address of a packet
Port number

You have recently installed a new Windows Server 2003 system. To ensure the accuracy of the system time, you have loaded an application that synchronizes the hardware clock on the server with an external time source on the Internet. Now you must configure the firewall on your network to allow time synchronization traffic through. What port are you most likely to open on the firewalls

123

You have a router that is configured as a firewall. The router is a layer 3 device only. What does the router use for identifying allowed or denied packets?

IP address

What network services or protocols use TCP/IP port 22

SSH

You company uses a very fast internet connection and pays for a based on usage. You have been asked by the company president to reduce Internet line lease costs. You want to reduce the amount of web pages that are downloaded over the leased connection, without decreasing performance?

Install a proxy server

You have accompany network that is connected to the Internet. You want all users to have Internet access, but need to protect your private network and users. You also need to make a web server publicly available to the Internet users.

Use firewalls to create a DMZ. Place the web server inside the DMZ, and the private network behind the DMZ

What are characteristics of a circuit-level gateway?

Filters based on sessions, and stateful
makes decisions about which traffic to allow based on virtual circuits or sessions. A circuit-level proxy is considered a stateful firewall because it keeps track of the state of a session.

You want to install a firewall that can reject packets that are not part of an active session. What type of firewall should you use?

Circuit-level

What functions are performed by proxies?

Cache web pages
block employees from accessing certain Web sites

after blocking a number of ports to secure your server, you are unable to send e-mail. To allow e-mail service what needs to be done

open port 25 and allow SMTP

How does a proxy server differ from a packet filtering firewall?

A proxy server operates at the Application layer, while the packet filters firewall operates at the network layer

Haley configures a web site using windows 2000 default values. what are the HTTP port and SSL port settings

80- HTTP
443-SSL

You have used firewalls to create a demilitarized zone. You have a web server that needs to be accessible to internet users. The web server must communicate with a database server for retrieving product, customer, and order information.
How should you place devices on the network to best protect the servers?

Put the database server on the private network and the web server inside the DMZ

You administer a Web server on your network. The computer has multiple IP addresses: 192.168.23.2 to 192.168.23.24. The name of the computer is www.westsim.com. You configured the web site as follows:
Ip add. 192.168.23.2
HTTP port: 1030
SSl POrt 443
users complain that they can't connect to the web site when they type it in . What is the likely source?

The HTTP port should be changed to 80

You are configuring a firewall to allow access to a server hosted on the DMZ of your network. You open TCP/IP ports 80, 25, 110 and 143. Assuming that no other ports on the firewall need to be configured to provide access, what applications are most likely to be hosted on the server?

Web server
email

What protocol and port number is used by TFTP?

UDP 69

You are the administrator for a secure network that uses firewall filtering. several network users have requested to access Internet. Usenet groups fut are unable. What needs to be done to allow users to access news groups?

Open port 119 to allow NNTP service

You have been given a laptop to use for work. You connect the laptop to your company network, use it from home, and use it while traveling. You want to protect the laptop from internet based attacks.
What would you use?

Host based firewall

Your company has a connection to the Internet that allows users to access the Internet. You also have a Web server and an e-mail server that you want to make available to Internet users. You want to create a DMZ for these two server. What type of device should you use to create the DMZ

Network based firewall

What does a router acting as a firewall use to control which packets are forwarded or dropped?

ACL: access control list is configured with statements that identify traffic characteristics, such as the direction of traffic, the source or destination IP address and the port number

What measures are you most likely to implement in order to protect against a worm or trojan horse?

Anti-viru software

What is a form a of denial of service attack that uses spoofed ICMP packets to flood a victim with echo requests using a bounce/amplification network?

Smurf

What is the common name for a program that has no useful purpose, but attempts to spread itself to other systems and often damages resources on the systems where it is found?

Virus

An attacker sets up 100 drone computers that flood a DNS server with invalid requests. This is an example of what kind of attack

denial of service

Which is a form of attack that either exploits a software flaw or floods a system with traffic in order to prevent legitimate activities or transaction from occurring?

Denial of service attack

Which of the following is the best countermeasure against man-in-the middles attacks?

IPSEec

What statements about the use of anti-virus software is correct?

Anti-virus software should be configured to download updated virus definition files as soon as they become available.

Your company security policy states that wireless networks are not to be used because of the potential security risk they present to your network. One day you find that an employee has connected a wireless access point to the network in his office. What type of security risk is this?

Rogue access point

Users on your network report that they have received an e-mail stating that the company has just launched a new web site for employees, and to access the web site they need to go there and enter their username and password information. No one in your company has sent this e-mail.
What type of attack is this?

Phishing

You have worked as the network administrator for a company for seven months. One day all picture files on the server become corrupted. You successfully restore all files from backup, but your boss is adamant the this situation does not reoccur. What do to do?

Install a network virus detection software solution.

What are examples of social engineering?

Dumpster diving
should surfing

A smurf attack requires all but which of the following elements to be implemented?

Padded cell

What is the primary countermeasure to social engineering?

awareness

Please allow access to your computer’s microphone to use Voice Recording.

Having trouble? Click here for help.

We can’t access your microphone!

Click the icon above to update your browser permissions above and try again

Example:

Reload the page to try again!

Reload

Press Cmd-0 to reset your zoom

Press Ctrl-0 to reset your zoom

It looks like your browser might be zoomed in or out. Your browser needs to be zoomed to a normal size to record audio.

Please upgrade Flash or install Chrome
to use Voice Recording.

For more help, see our troubleshooting page.

Your microphone is muted

For help fixing this issue, see this FAQ.

Star this term

You can study starred terms together

NEW! Voice Recording

Create Set