DsmbISP Chapter 8 – CCNA Discovery: Working at a
Small-to-Medium Business or ISP (Version 4.1)
1. A company wants to configure a firewall to monitor all
channels of communication and allow only traffic that is part of a known
connection. Which firewall configuration should be deployed?
packet filtering
proxy
stateful packet inspection
stateless packet inspection
2. Which three items are normally included when a log
message is generated by a syslog client and forwarded to a syslog server?
(Choose three.)
date and time of message
ID of sending device
length of message
message ID
checksum field
community ID
3. What is the term for the public network between the
boundary router and
the firewall?
"clean" LAN
intranet
DMZ
extranet
4. Which two characteristics of network traffic are being
monitored if a network technician configures the company firewall to operate as
a packet filter? (Choose two.)
applications
physical addresses
packet size
ports
protocols
5. What network layer security protocol can secure any
application layer protocol used for communication?
HTTPS
IMAP
FTPS
IPSEC
TLS
6. Which means of communication does an SNMP network agent
use to provide a network management station with important but unsolicited
information?
query
broadcast
ICMP ping
trap
poll
7. When is the use of out-of-band network management
necessary?
when a server needs to be monitored across the network
when the management interface of a device is not reachable
across the network
when enhanced monitoring features are required to gain an
overall view of the entire network
when it is desirable to use the information that is
provided by SNMP
8. Which of the following does SNMP use to hold information
collected about the network?
network management station
network management database
management information base
database information agent
9. What is the advantage of using WPA to secure a wireless
network?
It uses a 128-bit pre-shared hexadecimal key to prevent
unauthorized wireless access.
It uses an advanced encryption key that is never
transmitted between host and access point.
It is supported on older wireless hardware, thus providing
maximum compatibility with enterprise equipment.
It requires the MAC address of a network device that is
requesting wireless access to be on a list of approved MAC addresses.
10. A server log includes this entry: User student accessed
host server ABC using Telnet yesterday for 10 minutes. What type of log entry
is this?
authentication
authorization
accounting
accessing
11. What AAA component assigns varying levels of rights to
users of network resources?
auditing
accounting
authorization
access control
authentication
acknowledgement
12. A network administrator is assigning network
permissions to new groups of users and employing the principle of least
privilege. Which two actions should the administrator take? (Choose two.)
Provide users with only the access to resources required to
do their jobs.
Provide the minimum level of permissions required for users
to do their jobs.
Remove all permissions from the users and grant permissions
as they are requested.
Allow users to decide how much permission they need to
accomplish their job tasks.
Provide full access to the users and gradually remove
privileges over time.
13. Before a technician upgrades a server, it is necessary
to back up all data. Which type of backup is necessary to ensure that all data
is backed up?
daily
differential
full
incremental
partial
14. Which three protocols describe methods that can be used
to secure user data for transmission across the internet? (Choose three.)
SMTP
IPSEC
SSL
HTTPS
FTP
TFTP
15. Which three protocols are used for in-band management?
(Choose three.)
FTP
HTTP
SNMP
Telnet
TFTP
DHCP
16. What are two potential problems with using tape media
to back up server data? (Choose two.)
Tape is not a cost-effective means of backing up data.
Data tapes are difficult to store offsite.
Data tapes are prone to failure and must be replaced often.
Tape drives require regular cleaning to maintain
reliability.
Backup logs are not available with tape backup solutions.
17. Which benefit does SSH offer over Telnet when remotely
managing a router?
encryption
TCP usage
authorization
connection using six VTY lines
18. A hacker has gained access to sensitive network files.
In analyzing the attack, it is found that the hacker gained access over a
wireless segment of the network. It is further discovered that the only
security measure in place on the wireless network is MAC Address Filtering. How
is it likely that the hacker gained access to the network?
The hacker used a software tool to crack the shared
hexadecimal wireless key.
The hacker obtained the MAC address of a permitted host,
and cloned it on his wireless laptop NIC.
The attacker mounted a denial of service attack to
overwhelm the firewall before penetrating the wireless LAN.
The hacker gained wireless access to the MAC address
database and added his own MAC address to the list of permitted addresses.
19. What two measures help to verify that server backups
have been reliably completed? (Choose two.)
reviewing backup logs
performing trial backups
performing full backups only
replacing tape backup with hard disk-based backup
using an autoloader when backups require more than one tape
20. Which AAA service reduces IT operating costs by
providing detailed reporting and monitoring of network user behavior, and also
by keeping a record of every access connection and device configuration change
across the network?
authentication
accreditation
accounting
authorization
No comments:
Post a Comment