C. Routers can be configured in many instances to act as packet-filtering firewalls. When configured properly, they can prevent unauthorized ports from being opened.

A. Packet filters prevent unauthorized packets from entering or leaving a network. Packet filters are a type of firewall that block specified port traffic.

D. Routers store information about network destinations in routing tables. Routing tables contain information about known hosts on both sides of the router.

B. Switches create virtual circuits between systems in a network. These virtual circuits are somewhat private and reduce network traffic when used.

B. Many modern PBX (private branch exchange) systems integrate voice and data onto a single data connection to your phone service provider. In some cases, this allows an overall reduction in cost of operations. These connections are made using existing network connections such as a T1 or T3 network.

B. PPP can pass multiple protocols and is widely used today as a transport protocol for dial-up connections.

A. PPP provides no security, and all activities are unsecure. PPP is primarily intended for dial-up connections and should never be used for VPN connections.

A. IPSec provides network security for tunneling protocols. IPSec can be used with many different protocols besides TCP/IP, and it has two modes of security.

D. A socket is a combination of IP address and port number. The socket identifies which application will respond to the network request.

C. IMAP is becoming the most popular standard for e-mail clients and is replacing POP protocols for mail systems. IMAP allows mail to be forwarded and stored in information areas called stores.

A. ICMP is used for destination and error reporting functions in TCP/IP. ICMP is routable and is used by programs such as Ping and Traceroute.

C. IGMP is used for group messaging and multicasting. IGMP maintains a list of systems that belong to a message group. When a message is sent to a particular group, each system receives an individual copy.

A. Sniffers monitor network traffic and display traffic in real time. Sniffers, also called network monitors, were originally designed for network maintenance and troubleshooting.

A. An IDS is used to protect and report network abnormalities to a network administrator or system. It works with audit files and rule-based processing to determine how to act in the event of an unusual situation on the network.

B. UTP is broken down into seven categories that define bandwidth and performance. The most common category is CAT 5, which allows 1000Mbps bandwidth. CAT 5 cabling is most frequently used with 100Base-T networks.

D. Fiber networks are considered the most secure, although they can be tapped. Fiber networks use a plastic or glass conductor and pass light waves generated by a laser.

C. Microwave communications systems can offer huge bandwidth and operate with either baseband or broadband capabilities. Baseband communication uses a single channel, whereas broadband is a multichannel environment.

A. The most common backup and archiving media in large systems is tape. Of the choices given, tape provides the highest-density storage in the smallest package. CD-Rs and removable hard drives may also be used, but they generally don't have the storage capacity of equivalent tape cartridges.

D. All of these devices can store and pass viruses to uninfected systems. Make sure that all files are scanned for viruses before they're copied to these media.

B. Smart cards are used for access control, and they can contain a small amount of information. Smart cards are replacing magnetic cards, in many instances because they can store additional personal information and are harder to copy or counterfeit.