Which of the following are characteristics of MLPS?(Select Two)
Adds labels to data units, Supports variable-length data units
Which of the following is WAN technology that allows for interoperability of vendor hardware for fiber optic networking?
Which type of network establishes a dedicated connection between two hosts who need to communicate on the network, not allowing any other host to use the medium until the communication is complete?
Which of the following terms identifies the network of dial-up telephone and the long-distance lines?
If the SONET (OC-1) base data rate is 51.84 Mbps, how much data can the Optical Carrier level 12 (OC-12) transfer in one second?
You have a site in your network that is connected to multiple other sites. A single virtual circuit is used to connect to all other sites.
Which type of network divides data to be transmitted into small units and routes these units from the originating system to the destination system, allowing multiple, concurrent communications on the network medium?
Which of the following correctly describes the T1 carrier system?(select two)
A single T1 channel can transfer data at 64 Kbps, T1 lines use pairs of copper wire
You are implementing Internet connectivity for a new start-up company. Your client will provide on-line storefronts for retailers. To do this, they have calculated that their Internet connection must provide a data rate of at least 20 - 30 Mbps. Which type of service should you implement?
Which of the following technologies uses variable-length packets and adds labels to packets as they enter the WAN cloud, with the labels being used to switch packets and prioritize traffic?
Which of the following are characteristics of SONET? (Select Two)
Transport protocol used for other traffic types, dual counter-rotating fiber optic rings
You have a series of WAN links that connects your site to multiple other sites. Each remote site is connected to your site using a dedicated link What type of connection is being used?
Which of the following devices is used on a WAN to convert synchronous serial signals into digital signals?
You are traveling throughout North America to many metropolitan and rural areas. Which single form of Internet connectivity provides the greatest potential connectivity wherever you travel?
Which of the following is the most susceptible to interference related to atmospheric conditions?
Which of the following services are available regardless of whether the telephone company network is available?
Which of the following are characteristics of VDSL? (Select Two)
Unequal download and upload speeds, Supports both data and voice at the same time
Which of the following Internet connection technologies requires that the location be within a limited distance of the telephone company central office?
Which two of the following describe the channels and the data transfer rates used for ISDN BRI(Select Two)
One D channel operating at 16 Kbps, Two B channels operating at 64 Kbps each
A healthcare organization provides mobile clinics throughout the world. Which network technology should you select to transfer patient statistical data to a central database via the Internet to ensure network connectivity for any clinic located anywhere in the world, even remote areas?
Which three of the following are characteristics of ISDN?
It provides enough bandwidth to transmit data at much higher speeds than standard modems and analog lines, It is a dial-up service that uses existing copper wires for the local loop, It lets you transmit voice, video, and data over the same lines.
You want to set up a service to allow multiple users to dial into the office server from modems on their home computers. What service should you implement?
Which of the following is a platform independent authentication system that maintains a database of user accounts and passwords that centralizes the maintenance of those accounts?
Which of the following protocols of services is commonly used on cable Internet connections for user authentication?
You often travel away from the office. While traveling, you would like to use a modem on your laptop computer to connect directly to a server in your office and access files on that server that you need. You want the connection to be as secure as possible. Which type of connection will you need?
Which of the following are characteristics TACACS+?(Chose Two)
Uses TCP, Allows for a possible of three different servers, one each for authentication, authorization, and accounting
You have decided to implement a remote access solution that uses multiple remote access servers. You want to implement RADIUS to centralize remote access authentication and authorization.
Configure the remote access servers as RADIUS servers.
Which of the following are methods for providing centralized authentication, authorization, and accounting for remote access? (Select two)
You have just signed up for Internet access using a local provider that gives you a fiber optic line into your house. From there, Ethernet and wireless connections are used to create a small network within your home. Which of the following protocols would be used to provide authentication, authorization, and accounting for the Internet connection?
Which of the following are differences between RADIUS and TACACS+?
RADIUS combines authentication and authorization into a single function; TACACS+ allows these services to be split between different servers.
Users on your network report that they have received an email stating that the company has just launched a new website for employees, and to access the Web site they need to go there and enter their user name and password information. No one in your company has sent this email. What type of attack is this?
Which of the following statements about the use of anti-virus software is correct?
Anti-virus software should be configured to download updated virus definition files as soon as they become available.
An attacker sets up 100 drone computers that flood a DNS server with invalid requests. This is an example of which kind of attack?
Denial of Service
Your company security policy states that wireless networks are not to be used because of the potential security risk they present to your network. One day you find that an employee has connected a wireless access point to the network office. What type of security risk is this?
Rouge access point
Which of the following describes a man-in-the -middle?
A false server intercepts communications from a client by impersonating the intended server.
Which is a form of attack that either exploits a software flaw or floods a system with traffic in order to prevent legitimate activities or transactions from occurring?
Denial of Service attack
Which of the following is a form of denial of service attack that uses spoofed ICMP PACKETS TO FLOOD A VICTIM WITH ECHO REQUESTs USING A BOUNCE/AMPLIFICATION network?
What is the main difference between a worm and a virus?
A worm can replicate itself and does not need a host for distribution.
How can an organization help prevent social engineering attacks?(Select Two)
Educate employees on the risks and countermeasures, Publish and enforce clearly written security policies.
Capturing packets as they travel from one host to another with the with the intent of altering the contents of the packets is a form of which security concern?
What is the common name for a program that has no useful purpose, but attempts to spread itself to other systems and often damages resources on the systems where it found?
You have worked as the network administrator for a company for seven months. One day all picture files on the server become corrupted. You discover that user download a virus from the Internet onto his workstation, and it propagated to the server. You successfully restore all files from backup, but your boss is adamant that this situation doe not occur. What should you do?
Install a network virus detection software solution.
Which of the following measures are you most likely to implement in order to protect against a worm or a Trojan horse?
Which of the following is NOT a primary characteristic of a worm?
It infects the MBR of a hard drive
Which of the following are examples of social engineering? (Select Two)
Dumpster diving, Shoulder surfing
Which of the following are characteristics of a circuit-level gateway? (Select Two)
Filters based on sessions, Stateful
How does a proxy server differ from a packet filtering firewall?
A proxy server operates at the Application layer, while a packet filtering firewall operates at the Network layer.
You are the administrator for a secure network that uses firewall filtering. Several network users have requested to access Internet Usenet groups but are unable. What needs to be done to allow users to access the newsgroups?
Open port 119 to allow NNTP service.
You administer a Web server on your network. The computer has multiple IP addresses. They are 192.168.23.8 to 192.168.23.17. The name of the computer is www.westsim.com. You configured the Web site as follows: IP address: 192.168.23.8, HTTP Port: 1030, SSL Port: 443. Users complain that they can't connect to the web site when they type www.westsim.com. What is the most likely source of the problem?
The HTTP port should be changed to 80.
Which of the following functions are performed by proxies? (select two)
Cache web pages, Block employees from accessing certain websites.
Your company leases a very fast Internet connection and pays for it based on usage. You have been asked by the company president to reduce Internet line lease costs. You want to reduce the amount of web pages that are downloaded over the leased connection, without decreasing performance. What is the best way to do this?
Install a proxy server.
Which of the following does a router acting as a firewall use to control which packets are forwarded or dropped?
Using the Netstat command you notice that a remote system has made a connection to your Windows server 2003 system using TCP/IP port 21. Which of the following actions is the remote system most likely to be performing ?
Downloading a file
You want to install a firewall that can reject packets that are not part of an active session. Which type of firewall should you use?
Haley configures a Web site using Windows 2000 default values. What are the HTTP port and SSL port settings?
80 for HTTP; 443 for SSL
You are configuring a network firewall to allow SMTP outbound email traffic, and POP3 inbound email traffic. Which of the following TCP/IP ports should you open on the firewall? (Select Two)
Which of the following are characteristics of a packet filtering firewall? (Select Two)
Filters IP address and port, Stateless
You manage a small network at work. Users use workstations connected to your network. No portable computers are allowed. As part of your security plan, you would like to implement scanning of emails for all users. You want to scan the emails and prevent any emails with malicious attachments from being received by users. Your solution should minimize administration, allowing you to centrally manage the scan settings. Which solution should you use?
Network based firewall
You have a company network that is connected to the internet. You want all users to have internet access, but need to protect your private network and users. You also need to make private network and users. You also need to make a Web server publicly available to Internet users. Which solution should use?
Use firewalls to create a DMZ. Place the Web server inside the DMZ, and the private network behind the DMZ
Your company has a connection to the Internet that allows users to access the Internet. You also have a web server and an email server that you want to make available to Internet users. You want to create a DMZ for these servers. Which type of device should you use to create the DMZ?
Network based firewall
You have been given a laptop to use for work. You connect the laptop to your company network, use it from home, and use it while traveling. You want to protect the laptop from Internet-based attacks. Which solution should you use?
Host based firewall
You have a router that is configured as a firewall. The router is a layer 3 device only. Which of the following does the router use for identifying allowed or denied packets.
IPsec is implemented through two separate protocols. What are these protocols called? (Select Two)
You are in the middle of a big project at work. All of your work files are on a server at the office. You want to be able to access the server desktop, open and edit files, save files on the server, and print files to a printer connected to a computer at home. Which protocol should you use?
You have a group of salesman who would like to access your private network through the Internet while they are traveling. You want to control access to the private network through a single server. Which solution should you implement?
You want to use a protocol that can encapsulate other LAN protocols and carry the data securely over an IP network.
You want to allow traveling users to connect to your private network through the internet. Users will connect from various locations including airports, hotels, and public access points such as coffee shops and libraries. As such, you won't be able to configure the firewalls that might be controlling access to the Internet in these locations. Which of the following protocols would be most likely to be allowed through the widest number of firewalls?
Which of following network layer protocols provides authentication and encryption services for IP based network traffic?
Which of the following protocols can your portable computer use to connect to your company's network via a tunnel through the Internet? (Select two)
You manage a single subnet with three switches. The switches are connected to provide redundant paths between the switches. Which feature allows the switches to pass VLAN traffic between the switches?
You manage a network that uses a single switch. All ports within your building connect through the single switch. In the lobby of your building are three RJ-45 ports connected to the switch. You want to allow visitors to plug into these ports to gain Internet access, but they should not have access to any other devices on your private network. Employees connected throughout the rest of your building should have both private and Internet access. Which feature should you implement?
When configuring VLANs on a switch, what is used to identify VLANs on a switch, what is used to identify VLAN membership of a device?
Which of the following do switches and wireless access points use to control access through the device?
Which of the following best describes the concept of a virtual LAN?
Devices on the same network logically grouped as if they were grouped on separate networks.
You manage a private network with two switches. The switches are connected together through their Gigabit Ethernet uplink ports. You define VLAN 1, and VLAN 2 on each switch. A device on the first switch in VLAN 1 needs to communicate with a device on the second switch also in VLAN 1. What should you configure to allow communication between these two devices through the switches?
When configuring VLANs on a switch, what type of switch ports are members of all VLANs defined on the switch?
Which type of devices is required to implement port authentication through the switch?
Your company is a small start-up company that has leased office space in a building shared by other businesses. All businesses share a common network infrastructure. A single switch connects all devices in the building to the router that provides Internet access. You would like to make sure that your computers are isolated from computers used by other companies. Which feature should you request to have implemented?
You manage a network that uses switches. In the lobby of your building are three RJ-45 ports connected to a switch. You want to make sure that visitors cannot plug in their computers to the free network jacks and connect to the network. However, employees who plug into those same jacks should be able to connect to the network. What feature should you configure?
You manage a network with two switches. The switches are connected together through their Gigabit uplink ports. You define VLAN 1 and VLAN 2 on each switch. A device on the first switch in the VLAN 1 needs to communicate with a device on the same switch which is in VLAN 2. What should you configure so that the two devices can communicate?
You run a small network for your business that has a single router connected to the Internet and a single switch. You keep sensitive documents on a computer that you would like to keep isolated from other computers on the network. Other hosts on the network should not be able to communicate with this computer through the switch, but you still need to access the network through the computer. What should you use for this situation?
When using Kerberos authentication, which of the following terms is used to describe the token that verifies the identity of the user to the target system?
Which of the following are used when implementing Kerberos for authentication and authorization? (Select Two)
Time server, Ticket granting
You want to implement an authentication method that uses public and private key pairs. Which authentication method should you use?
You want to increase the security of your network by allowing only authenticated users to be able to access network devices through a switch? Which one of the following should you implement?
Which of the following applications typically use 802.1x authentication? (Select Two)
Controlling access through a switch, Controlling access though a wireless access point
You have been contracted by a firm to implement a new remote access solution based on a Windows Server 2003 system. The customer wants to purchase and install a smart card system to provide a high level of security to the implementation. Which of the following authentication protocols are you most likely to recommend to the client?
Which of the following authentication protocols uses a three-way handshake to authenticate users to the network? (Choose two)
Which of the following is a feature of MS-CHAP v2 that is not included in CHAP?
You have a Web server that will be used for secure transactions for customers who access the Web site over the Internet. The Web server requires a certificate to support SSL. Which method would you use to get a certificate for the server?
Obtain a certificate from public PKI
Which of the following protocols can be used to securely manage a network device from a remote connection?
You have been using SNMP on your network for monitoring and management. You are concerned about the security of this configuration. What should you do?
Implement version 3 SNMP
Which of the following protocols are often added to other protocols to provide secure transmission of data? (Select two)
Which of the following are improvements to SNMP that are included within SNMP version 3? (Select two)
Authentication for agents and managers, Encryption of SNMP messages
Telenet is inherently insecure because its a communication is in plain text and is easily intercepted. Which of the following is an acceptable alternative to Telnet?
As a security precaution, you have implemented IPsec that is used between any two devices on your network. IPsec provides encryption for traffic between devices. You would like to implement a solution that can scan the contents of the encrypted traffic to prevent any malicious attacks. Which solution should you implement?
Host based IDS
What actions can a typical passive Intrusion Detection System (IDS) take when it detects an attack? (Select two)
The IDS logs all pertinent data about the intrusion, An alert is generated and delivered via Email, the console, or an SNMP trap.
Which of the following is a security service that monitors network traffic in real time or reviews the audit logs on servers looking for security violations?
You are concerned about protecting your network from network based attacks from the Internet. Specifically, you are concerned about "zero day" attacks (attacks that have not yet been identified or that do not have prescribed protections).
Anomaly based IDS
You want to make sure that a set of servers will only accept traffic for specific network services, but you also want to make sure that the servers will not accept packets sent to those services. Which tool should you use?
What security mechanism can be used to detect attacks originating on the Internet or from within an internal trusted subnet?
Which of the following functions can a port scanner provide?
Discover unadvertised servers, Determining which ports are open on a firewall
You are concerned about attacks directed at your network firewall. You want to be able to identify and be notified of any attacks. In addition, you want the system to take immediate action when possible to stop or prevent the attack. Which tool should you use?
Which IDS method searches for intrusion or attack attempts by recognizing patterns or identities list in a database?
What is the most common form of host based IDS that employs signature or pattern matching detection methods?