Chapter 4
Communication and Network Security (Domain 4)

  1. Gary wants to distribute a large file and prefers a peer-to-peer CDN. Which of the following is the most common example of this type of technology?
    1. CloudFlare
    2. BitTorrent
    3. Amazon CloudFront
    4. Akamai Edge
  2. During a security assessment of a wireless network, Jim discovers that LEAP is in use on a network using WPA. What recommendation should Jim make?
    1. Continue to use LEAP. It provides better security than TKIP for WPA networks.
    2. Use an alternate protocol like PEAP or EAP-TLS and implement WPA2 if supported.
    3. Continue to use LEAP to avoid authentication issues, but move to WPA2.
    4. Use an alternate protocol like PEAP or EAP-TLS, and implement Wired Equivalent Privacy to avoid wireless security issues.
  3. Ben has connected his laptop to his tablet PC using an 802.11ac connection. What wireless network mode has he used to connect these devices?
    1. Infrastructure mode
    2. Wired extension mode
    3. Ad hoc mode
    4. Standalone mode
  4. Selah's and Nick's PCs simultaneously send traffic by transmitting at the same time. What network term describes the range of systems on a network that could be affected by this same issue?
    1. The subnet
    2. The supernet
    3. A collision domain
    4. A broadcast domain
  5. Sarah is manually reviewing a packet capture of TCP traffic and finds that a system is setting the RST flag in the TCP packets it sends repeatedly during a short period of time. What does this flag mean in the TCP packet header?
    1. RST flags mean “Rest.” The server needs traffic to briefly pause.
    2. RST flags mean “Relay-set.” The packets will be forwarded to the address set in the packet.
    3. RST flags mean “Resume Standard.” Communications will resume in their normal format.
    4. RST means “Reset.” The TCP session will be disconnected.
  6. Gary is deploying a wireless network and wants to deploy the fastest possible wireless technology. Which one of the following wireless networking standards should he use?
    1. 802.11a
    2. 802.11g
    3. 802.11n
    4. 802.11ac
  7. Michele wants to replace FTP traffic with a secure replacement. What secure protocol should she select instead?
    1. TFTP
    2. HFTPS
    3. SecFTP
    4. SFTP
  8. Jake has been told that there is a layer 3 problem with his network. Which of the following is associated with layer 3 in the OSI model?
    1. IP addresses
    2. TCP and UDP protocols
    3. MAC addresses
    4. Sending and receiving bits via hardware
  9. Frank is responsible for ensuring that his organization has reliable, supported network hardware. Which of the following is not a common concern for network administrators as they work to ensure their network continues to be operational?
    1. If the devices have vendor support
    2. If the devices are under warranty
    3. If major devices support redundant power supplies
    4. If all devices support redundant power supplies
  10. Brian is selecting an authentication protocol for a PPP connection. He would like to select an option that encrypts both usernames and passwords and protects against replay using a challenge/response dialog. He would also like to reauthenticate remote systems periodically. Which protocol should he use?
    1. PAP
    2. CHAP
    3. EAP
    4. LEAP
  11. Which one of the following protocols is commonly used to provide back-end authentication services for a VPN?
    1. HTTPS
    2. RADIUS
    3. ESP
    4. AH
  12. Isaac wants to ensure that his VoIP session initialization is secure. What protocol should he ensure is enabled and required?
    1. SVOIP
    2. PBSX
    3. SIPS
    4. SRTP

    For questions 13–15, please refer to the following scenario and diagram:

    Chris is designing layered network security for his organization.

    Schematic illustration of a diagram of layered network security for an organization.
  13. What type of firewall design is shown in the diagram?
    1. A single-tier firewall
    2. A two-tier firewall
    3. A three-tier firewall
    4. A four-tier firewall
  14. If the VPN grants remote users the same access to network and system resources as local workstations have, what security issue should Chris raise?
    1. VPN users will not be able to access the web server.
    2. There is no additional security issue; the VPN concentrator's logical network location matches the logical network location of the workstations.
    3. Web server traffic is not subjected to stateful inspection.
    4. VPN users should only connect from managed PCs.
  15. If Chris wants to stop cross-site scripting attacks against the web server, what is the best device for this purpose, and where should he put it?
    1. A firewall, location A
    2. An IDS, location A
    3. An IPS, location B
    4. A WAF, location C
  16. Susan is deploying a routing protocol that maintains a list of destination networks with metrics that include the distance in hops to them and the direction traffic should be sent to them. What type of protocol is she using?
    1. A link-state protocol
    2. A link-distance protocol
    3. A destination metric protocol
    4. A distance-vector protocol
  17. Ben has configured his network to not broadcast an SSID. Why might Ben disable SSID broadcast, and how could his SSID be discovered?
    1. Disabling SSID broadcast prevents attackers from discovering the encryption key. The SSID can be recovered from decrypted packets.
    2. Disabling SSID broadcast hides networks from unauthorized personnel. The SSID can be discovered using a wireless sniffer.
    3. Disabling SSID broadcast prevents issues with beacon frames. The SSID can be recovered by reconstructing the BSSID.
    4. Disabling SSID broadcast helps avoid SSID conflicts. The SSID can be discovered by attempting to connect to the network.
  18. What network tool can be used to protect the identity of clients while providing Internet access by accepting client requests, altering the source addresses of the requests, mapping requests to clients, and sending the modified requests out to their destination?
    1. A switch
    2. A proxy
    3. A router
    4. A firewall
  19. Susan wants to secure her communications traffic via multiple internet service providers as it is sent to her company's second location. What technology should she use to protect the traffic for an always on, always connected link between the sites?
    1. FCoE
    2. SDWAN
    3. A point-to-point IPsec VPN
    4. Zigbee
  20. Melissa wants to combine multiple physical networks in her organization in a way that is transparent to users but allows the resources to be allocated as needed for networked services. What type of network should she deploy?
    1. iSCSI
    2. A virtual network
    3. SDWAN
    4. A CDN
  21. Which email security solution provides two major usage modes: (1) signed messages that provide integrity, sender authentication, and nonrepudiation; and (2) an enveloped message mode that provides integrity, sender authentication, and confidentiality?
    1. S/MIME
    2. MOSS
    3. PEM
    4. DKIM
  22. During a security assessment, Jim discovers that the organization he is working with uses a multilayer protocol to handle SCADA systems and recently connected the SCADA network to the rest of the organization's production network. What concern should he raise about serial data transfers carried via TCP/IP?
    1. SCADA devices that are now connected to the network can now be attacked over the network.
    2. Serial data over TCP/IP cannot be encrypted.
    3. Serial data cannot be carried in TCP packets.
    4. TCP/IP's throughput can allow for easy denial-of-service attacks against serial devices.
  23. Ben provides networking and security services for a small chain of coffee shops. The coffee shop chain wants to provide secure, free wireless for customers. Which of the following is the best option available to Ben to allow customers to connect securely to his wireless network without needing a user account if Ben does not need to worry about protocol support issues?
    1. Use WPA2 in PSK mode.
    2. Use WPA3 in SAE mode.
    3. Use WPA2 in Enterprise mode.
    4. Use a captive portal.
  24. Alicia's company has implemented multifactor authentication using SMS messages to provide a numeric code. What is the primary security concern that Alicia may want to express about this design?
    1. SMS messages are not encrypted.
    2. SMS messages can be spoofed by senders.
    3. SMS messages may be received by more than one phone.
    4. SMS messages may be stored on the receiving phone.
  25. What speed and frequency range are used by 802.11n?
    1. 5 GHz only
    2. 900 MHz and 2.4 GHz
    3. 2.4 GHz and 5 GHz
    4. 2.4 GHz only
  26. The Address Resolution Protocol (ARP) and the Reverse Address Resolution Protocol (RARP) operate at what layer of the OSI model?
    1. Layer 1
    2. Layer 2
    3. Layer 3
    4. Layer 4
  27. Which of the following is a converged protocol that allows storage mounts over TCP, and which is frequently used as a lower-cost alternative to Fibre Channel?
    1. MPLS
    2. SDN
    3. VoIP
    4. iSCSI
  28. Chris is building an Ethernet network and knows that he needs to span a distance of more than 150 meters with his 1000BaseT network. What network technology should he use to help with this?
    1. Install a repeater, a switch, or a concentrator before 100 meters.
    2. Use Category 7 cable, which has better shielding for higher speeds.
    3. Install a gateway to handle the distance.
    4. Use STP cable to handle the longer distance at high speeds.

    For questions 29–31, please refer to the following scenario and diagram:

    Selah's organization has used a popular messaging service for a number of years. Recently, concerns have been raised about the use of messaging.

    Schematic illustration of a diagram of layered network security for an organization in which a popular messaging service is used.
  29. What protocol is the messaging traffic most likely to use based on the diagram?
    1. SLACK
    2. HTTP
    3. SMTP
    4. HTTPS
  30. What security concern does sending internal communications from A to B raise?
    1. The firewall does not protect system B.
    2. System C can see the broadcast traffic from system A to B.
    3. It is traveling via an unencrypted protocol.
    4. Messaging does not provide nonrepudation.
  31. How could Selah's company best address a desire for secure messaging for users of internal systems A and C?
    1. Use a third-party messaging service.
    2. Implement and use a locally hosted service.
    3. Use HTTPS.
    4. Discontinue use of messaging and instead use email, which is more secure.
  32. Which of the following drawbacks is a concern when multilayer protocols are allowed?
    1. A range of protocols may be used at higher layers.
    2. Covert channels are allowed.
    3. Filters cannot be bypassed.
    4. Encryption can't be incorporated at multiple layers.
  33. Which of the following is not an example of a converged protocol?
    1. MIME
    2. FCoE
    3. iSCSI
    4. VoIP
  34. Chris uses a cellular hot spot to provide internet access when he is traveling. If he leaves the hot spot connected to his PC while his PC is on his organization's corporate network, what security issue might he cause?
    1. Traffic may not be routed properly, exposing sensitive data.
    2. His system may act as a bridge from the internet to the local network.
    3. His system may be a portal for a reflected DDoS attack.
    4. Security administrators may not be able to determine his IP address if a security issue occurs.
  35. In her role as an information security professional, Susan has been asked to identify areas where her organization's wireless network may be accessible even though it isn't intended to be. What should Susan do to determine where her organization's wireless network is accessible?
    1. A site survey
    2. Warwalking
    3. Wardriving
    4. A design map
  36. What features can IPsec provide for secure communication?
    1. Encryption, access control, nonrepudiation and message authentication
    2. Protocol convergence, content distribution, micro-segmentation, and network virtualization
    3. Encryption, authorization, nonrepudiation, and message integrity checking
    4. Micro-segmentation, network virtualization, encryption, and message authentication
  37. Casey has been asked to determine if Zigbee network traffic can be secured in transit. What security mechanism does Zigbee use to protect data traffic?
    1. 3DES encryption
    2. AES encryption
    3. ROT13 encryption
    4. Blowfish encryption
  38. Sue modifies her MAC address to one that is allowed on a network that uses MAC filtering to provide security. What is the technique Sue used, and what nonsecurity issue could her actions cause?
    1. Broadcast domain exploit, address conflict
    2. Spoofing, token loss
    3. Spoofing, address conflict
    4. Sham EUI creation, token loss
  39. Joanna wants to deploy 4G LTE as an out-of-band management solution for devices at remote sites. Which of the following security capabilities is not commonly available from 4G service providers?
    1. Encryption capabilities
    2. Device-based authentication
    3. Dedicated towers and antennas for secure service subscribers
    4. SIM-based authentication
  40. SMTP, HTTP, and SNMP all occur at what layer of the OSI model?
    1. Layer 4
    2. Layer 5
    3. Layer 6
    4. Layer 7
  41. Melissa uses the ping utility to check whether a remote system is up as part of a penetration testing exercise. If she does not want to see her own ping packets, what protocol should she filter out from her packet sniffer's logs?
    1. UDP
    2. TCP
    3. IP
    4. ICMP
  42. Selah wants to provide port-based authentication on her network to ensure that clients must authenticate before using the network. What technology is an appropriate solution for this requirement?
    1. 802.11a
    2. 802.3
    3. 802.15.1
    4. 802.1x
  43. Ben has deployed a 1000BaseT gigabit network and needs to run a cable across a large building. If Ben is running his link directly from a switch to another switch in that building, what is the maximum distance Ben can cover according to the 1000BaseT specification?
    1. 2 kilometers
    2. 500 meters
    3. 185 meters
    4. 100 meters
  44. What security control does MAC cloning attempt to bypass for wired networks?
    1. Port security
    2. VLAN hopping
    3. 802.1q trunking
    4. Etherkiller prevention
  45. The company that Kathleen works for has moved to remote work for most employees and wants to ensure that the multimedia collaboration platform that they use for voice, video, and text-based collaboration is secure. Which of the following security options will provide the best user experience while providing appropriate security for communications?
    1. Require software-based VPN to the corporate network for all use of the collaboration platform.
    2. Require the use of SIPS and SRTP for all communications.
    3. Use TLS for all traffic for the collaboration platform.
    4. Deploy secure VPN endpoints to each remote location and use a point-to-point VPN for communications.
  46. Chris wants to use a low-power, personal area network wireless protocol for a device he is designing. Which of the following wireless protocols is best suited to creating small, low-power devices that can connect to each other at relatively short distances across buildings or rooms?
    1. WiFi
    2. Zigbee
    3. NFC
    4. Infrared
  47. Which of the following options includes standards or protocols that exist in layer 6 of the OSI model?
    1. NFS, SQL, and RPC
    2. TCP, UDP, and TLS
    3. JPEG, ASCII, and MIDI
    4. HTTP, FTP, and SMTP
  48. Cameron is worried about distributed denial-of-service attacks against his company's primary web application. Which of the following options will provide the most resilience against large-scale DDoS attacks?
    1. A CDN
    2. Increasing the number of servers in the web application server cluster
    3. Contract for DDoS mitigation services via the company's ISP
    4. Increasing the amount of bandwidth available from one or more ISPs
  49. There are four common VPN protocols. Which group listed contains all of the common VPN protocols?
    1. PPTP, LTP, L2TP, IPsec
    2. PPP, L2TP, IPsec, VNC
    3. PPTP, L2F, L2TP, IPsec
    4. PPTP, L2TP, IPsec, SPAP
  50. Wayne wants to deploy a secure voice communication network. Which of the following techniques should he consider? (Select all that apply.)
    1. Use a dedicated VLAN for VoIP phones and devices.
    2. Require the use of SIPS and SRTP.
    3. Require the use of VPN for all remote VoIP devices.
    4. Implement a VoIP IPS.
  51. Which OSI layer includes electrical specifications, protocols, and interface standards?
    1. The Transport layer
    2. The Device layer
    3. The Physical layer
    4. The Data Link layer
  52. Ben is designing a WiFi network and has been asked to choose the most secure option for the network. Which wireless security standard should he choose?
    1. WPA2
    2. WPA
    3. WEP
    4. WPA3
  53. Kathleen has two primary locations in a town and wants the two environments to appear like the same local network. Each location has a router, switches, and wireless access points deployed to them. What technology would best work to allow her to have the two facilities appear to be on the same network segment?
    1. SDWAN
    2. VXLAN
    3. VMWAN
    4. iSCSI
  54. Segmentation, sequencing, and error checking all occur at what layer of the OSI model that is associated with SSL, TLS, and UDP?
    1. The Transport layer
    2. The Network layer
    3. The Session layer
    4. The Presentation layer
  55. The Windows ipconfig command displays the following information:

    BC-5F-F4-7B-4B-7D

    What term describes this, and what information can usually be gathered from it?

    1. The IP address, the network location of the system
    2. The MAC address, the network interface card's manufacturer
    3. The MAC address, the media type in use
    4. The IPv6 client ID, the network interface card's manufacturer
  56. Chris has been asked to choose between implementing PEAP and LEAP for wireless authentication. What should he choose, and why?
    1. LEAP, because it fixes problems with TKIP, resulting in stronger security
    2. PEAP, because it implements CCMP for security
    3. LEAP, because it implements EAP-TLS for end-to-end session encryption
    4. PEAP, because it can provide a TLS tunnel that encapsulates EAP methods, protecting the entire session
  57. Ben is troubleshooting a network and discovers that the NAT router he is connected to has the 192.168.x.x subnet as its internal network and that its external IP is 192.168.1.40. What problem is he encountering?
    1. 192.168.x.x is a nonroutable network and will not be carried to the internet.
    2. 192.168.1.40 is not a valid address because it is reserved by RFC 1918.
    3. Double NATing is not possible using the same IP range.
    4. The upstream system is unable to de-encapsulate his packets, and he needs to use PAT instead.
  58. What is the default subnet mask for a Class B network?
    1. 255.0.0.0
    2. 255.255.0.0
    3. 255.254.0.0
    4. 255.255.255.0
  59. Jim's organization uses a traditional PBX for voice communication. What is the most common security issue that its internal communications are likely to face, and what should he recommend to prevent it?
    1. Eavesdropping, encryption
    2. Man-in-the-middle attacks, end-to-end encryption
    3. Eavesdropping, physical security
    4. Wardialing, deploy an IPS
  60. What technical difference separates wireless communication via WiFi and LiFi?
    1. LiFi is not susceptible to electromagnetic interference.
    2. LiFi cannot be used to deliver broadband speeds.
    3. WiFi is not susceptible to electromagnetic interference.
    4. WiFi cannot be used to deliver broadband speeds.
  61. Selah's organization has deployed VoIP phones on the same switches that the desktop PCs are on. What security issue could this create, and what solution would help?
    1. VLAN hopping; use physically separate switches.
    2. VLAN hopping; use encryption.
    3. Caller ID spoofing; MAC filtering.
    4. Denial-of-service attacks; use a firewall between networks.

    For questions 62–65, please refer to the following scenario:

    Susan is designing her organization's new network infrastructure for a branch office.

  62. Susan wants to use a set of nonroutable IP addresses for the location's internal network addresses. Using your knowledge of secure network design principles and IP networking, which of the following IP ranges are usable for that purpose? (Select all that apply.)
    1. 172.16.0.0/12
    2. 192.168.0.0/16
    3. 128.192.0.0/24
    4. 10.0.0.0/8
  63. Susan knows that she will need to implement a WiFi network for her customers and wants to gather information about the customers, such as their email address, without having to provide them with a wireless network password or key. What type of solution would provide this combination of features?
    1. NAC
    2. A captive portal
    3. Pre-shared keys
    4. WPA3's SAE mode
  64. With her wireless network set up, Susan moves on to ensuring that her network will remain operational even if disruptions occur. What is the simplest way she can ensure that her network devices, including her router, access points, and network switches, stay on if a brownout or other temporary power issue occurs?
    1. Purchase and install a generator with an automatic start.
    2. Deploy dual power supplies for all network devices.
    3. Install UPS systems to cover all network devices that must remain online.
    4. Contract with multiple different power companies for redundant power.
  65. Susan wants to provide 10 gigabit network connections to devices in the facility where the new branch will operate. What connectivity options does she have for structured wiring that can meet those speeds? (Select all that apply.)
    1. Cat5e
    2. Fiber
    3. Cat6
    4. Coaxial cable
  66. Data streams occur at what three layers of the OSI model?
    1. Application, Presentation, and Session
    2. Presentation, Session, and Transport
    3. Physical, Data Link, and Network
    4. Data Link, Network, and Transport
  67. Lucca wants to protect endpoints that are in production use but that are no longer supported and cannot be patched from network attacks. What should he do to best protect these devices?
    1. Install a firewall on the device.
    2. Disable all services and open ports on the devices.
    3. Place a hardware network security device in front of the devices.
    4. Unplug the devices from the network because they cannot be properly secured.
  68. Selah's networking team has been asked to identify a technology that will allow them to dynamically change the organization's network by treating the network like code. What type of architecture should she recommend?
    1. A network that follows the 5-4-3 rule
    2. A converged network
    3. A software-defined network
    4. A hypervisor-based network
  69. Jason knows that protocols using the OSI model rely on encapsulation as data moves from layer to layer. What is added at each layer as data flows up the OSI layers?
    1. Information is added to the header.
    2. Information is added to the main body of the data.
    3. The data is encrypted with a new secret key.
    4. A security envelope that provides perfect forward secrecy
  70. During a troubleshooting process, the support technician that Alyssa is talking to states that the problem is a layer 3 problem. Which of the following possible issues is not a layer 3 problem?
    1. A TTL mismatch
    2. An MTU mismatch
    3. An incorrect ACL
    4. A broken network cable
  71. During a review of her organization's network, Angela discovered that it was suffering from broadcast storms and that contractors, guests, and organizational administrative staff were on the same network segment. What design change should Angela recommend?
    1. Require encryption for all users.
    2. Install a firewall at the network border.
    3. Enable spanning tree loop detection.
    4. Segment the network based on functional requirements.
  72. ICMP, RIP, and network address translation all occur at what layer of the OSI model?
    1. Layer 1
    2. Layer 2
    3. Layer 3
    4. Layer 4

    For questions 73–75, please refer to the following scenario:

    Ben is an information security professional at an organization that is replacing its physical servers with cloud-hosted virtual machines. As the organization builds its virtual environment, it is moving toward a hybrid cloud operational model with some systems and services remaining in its local data center and others hosted in the cloud. The following diagram shows the local data center and cloud VPC's network IP ranges, which you should consider as you answer the questions.

    Schematic illustration of a network diagram showing the local data center and cloud VPC’s network IP ranges.
  73. Ben wants to ensure that the instance-to-instance (system-to-system) traffic in his cloud-hosted infrastructure as a service environment is secure. What can he do to fully ensure that the virtualized network traffic is not being captured and analyzed?
    1. Prevent the installation of a packet sniffer on all hosts.
    2. Disable promiscuous mode for all virtual network interfaces.
    3. Disallow the use of any virtual taps.
    4. Encrypt all traffic between hosts.
  74. What issue is most likely to occur due to the subnets configured for the data center and VPC?
    1. IP address conflicts
    2. Routing loops
    3. MAC address conflicts
    4. All of the above
  75. Ben wants to use multiple internet service providers (ISPs) to connect to his cloud VPC to ensure reliable access and bandwidth. What technology can he use to manage and optimize those connections?
    1. FCoE
    2. VXLAN
    3. SDWAN
    4. LiFi
  76. WPA2's Counter Mode Cipher Block Chaining Message Authentication Mode Protocol (CCMP) is based on which common encryption scheme?
    1. DES
    2. 3DES
    3. AES
    4. TLS
  77. When a host on an Ethernet network detects a collision and transmits a jam signal, what happens next?
    1. The host that transmitted the jam signal is allowed to retransmit while all other hosts pause until that transmission is received successfully.
    2. All hosts stop transmitting, and each host waits a random period of time before attempting to transmit again.
    3. All hosts stop transmitting, and each host waits a period of time based on how recently it successfully transmitted.
    4. Hosts wait for the token to be passed and then resume transmitting data as they pass the token.
  78. Mark is concerned about the physical security of his network cables. What type of network connection would be the hardest to tap without specialized equipment?
    1. WiFi
    2. Bluetooth
    3. Cat5/Cat6 twisted pair
    4. Fiber optic
  79. Rich wants to connect his network to a building a half-mile away from his current location. There are trees and terrain features along the way, but a road passes between the trees to the other location. What type of transmission media is best suited to this type of deployment?
    1. Ethernet cable with repeaters every 200 to 300 yards
    2. A WiFi directional antenna
    3. Fiber-optic cable
    4. A LiFi system
  80. What challenge is most common for endpoint security system deployments?
    1. Compromises
    2. The volume of data
    3. Monitoring encrypted traffic on the network
    4. Handling non-TCP protocols
  81. What type of address is 127.0.0.1?
    1. A public IP address
    2. An RFC 1918 address
    3. An APIPA address
    4. A loopback address
  82. Susan is writing a best practices statement for her organizational users who need to use Bluetooth. She knows that there are many potential security issues with Bluetooth and wants to provide the best advice she can. Which of the following sets of guidance should Susan include?
    1. Use Bluetooth's built-in strong encryption, change the default PIN on your device, turn off discovery mode, and turn off Bluetooth when it's not in active use.
    2. Use Bluetooth only for those activities that are not confidential, change the default PIN on your device, turn off discovery mode, and turn off Bluetooth when it's not in active use.
    3. Use Bluetooth's built-in strong encryption, use extended (eight digits or longer) Bluetooth PINs, turn off discovery mode, and turn off Bluetooth when it's not in active use.
    4. Use Bluetooth only for those activities that are not confidential, use extended (eight digits or longer) Bluetooth PINs, turn off discovery mode, and turn off Bluetooth when it's not in active use.
  83. What type of networking device is most commonly used to assign endpoint systems to VLANs?
    1. Firewall
    2. Router
    3. Switch
    4. Hub
  84. Steve has been tasked with implementing a network storage protocol over an IP network. What storage-centric converged protocol is he likely to use in his implementation?
    1. MPLS
    2. FCoE
    3. SDN
    4. VoIP
  85. Michelle is told that the organization that she is joining uses an SD-WAN controller architecture to manage their WAN connections. What can she assume about how the network is managed and controlled? (Select all that apply.)
    1. The network uses predefined rules to optimize performance.
    2. The network conducts continuous monitoring to support better performance.
    3. The network uses self-learning techniques to respond to changes in the network.
    4. All connections are managed by the organization's primary internet service provider.
  86. Which of the following shows the layers of the OSI model in correct order, from layer 1 to layer 7? Place the layers of the OSI model shown here in the appropriate order, from layer 1 to layer 7.
    1. Layer 1 = Data Link; Layer 2 = Physical; Layer 3 = Network; Layer 4 = Transport; Layer 5 = Session; Layer 6 = Presentation; Layer 7 = Applications
    2. Layer 1 = Physical; Layer 2 = Data Link; Layer 3 = Network; Layer 4 = Transport; Layer 5 = Session; Layer 6 = Presentation; Layer 7 = Applications
    3. Layer 1 = Physical; Layer 2 = Data Link; Layer 3 = Network; Layer 4 = Transport; Layer 5 = Session; Layer 6 = Applications; Layer 7 = Presentation
    4. Layer 1 = Physical; Layer 2 = Data Link; Layer 3 = Network; Layer 4 = Session; Layer 5 = Transport; Layer 6 = Presentation; Layer 7 = Applications
  87. Valerie enables port security on the switches on her network. What type of attack is she most likely trying to prevent?
    1. IP spoofing
    2. MAC aggregation
    3. CAM table flooding
    4. VLAN hopping
  88. Alaina wants to ensure that systems are compliant with her network security settings before they are allowed on the network and wants to ensure that she can test and validate system settings as possible. What type of NAC system should she deploy?
    1. A pre-admit, clientless NAC system
    2. A postadmission, client-based NAC system
    3. A pre-admit, client-based NAC system
    4. A postadmission, clientless NAC system
  89. Derek wants to deploy redundant core routers, as shown in the diagram. What model of high availability clustering will provide him with the greatest throughput?
    Schematic illustration of deploying redundant core routers.
    1. Active/active
    2. Line interactive
    3. Active/passive
    4. Nearline
  90. Angela needs to choose between the following protocols for secure authentication and doesn't want to create unneeded technical complexity. Which authentication protocol should she choose and why?
    1. EAP, because it provides strong encryption by default
    2. LEAP, because it provides frequent reauthentication and changing of WEP keys
    3. PEAP, because it provides encryption and doesn't suffer from the same vulnerabilities that LEAP does
    4. EAP-TLS
  91. What is a frequent concern for systems that require high-performing internet connectivity when satellite internet is the only available option?
    1. Security
    2. Compatibility with protocols like LiFi
    3. Compatibility with protocols like Zigbee
    4. Latency
  92. What layer of an SDN implementation uses programs to communicate needs for resources via APIs?
    1. The data plane
    2. The control plane
    3. The application plane
    4. The monitoring plane
  93. Which of the following is not a drawback of multilayer protocols?
    1. They can allow filters and rules to be bypassed.
    2. They can operate at higher OSI levels.
    3. They can allow covert channels.
    4. They can allow network segment boundaries to be bypassed.
  94. Place the following layers of the TCP/IP model in order, starting with the Application layer and moving down the stack.
    1. Application layer
    2. Network Access layer
    3. Internet layer
    4. Transport layer
    1. 1, 2, 3, 4
    2. 1, 4, 2, 3
    3. 1, 4, 3, 2
    4. 4, 1, 3, 2
  95. What is the maximum speed that Category 5e cable is rated for?
    1. 5 Mbps
    2. 10 Mbps
    3. 100 Mbps
    4. 1000 Mbps
  96. What are two primary advantages that 5G networks have over 4G networks? (Select all that apply.)
    1. Anti-jamming features
    2. Enhanced subscriber identity protection
    3. Mutual authentication capabilities
    4. Multifactor authentication
  97. What function does VXLAN perform in a data center environment?
    1. It removes limitations due to maximum distance for Ethernet cables.
    2. It allows multiple subnets to exist in the same IP space with hosts using the same IP addresses.
    3. It tunnels layer 2 connections over a layer 3 network, stretching them across the underlying layer 3 network.
    4. All of the above
  98. Chris is setting up a hotel network and needs to ensure that systems in each room or suite can connect to each other, but systems in other suites or rooms cannot. At the same time, he needs to ensure that all systems in the hotel can reach the internet. What solution should he recommend as the most effective business solution?
    1. Per-room VPNs
    2. VLANs
    3. Port security
    4. Firewalls
  99. During a forensic investigation, Charles is able to determine the Media Access Control (MAC) address of a system that was connected to a compromised network. Charles knows that MAC addresses are tied back to a manufacturer or vendor and are part of the fingerprint of the system. To which OSI layer does a MAC address belong?
    1. The Application layer
    2. The Session layer
    3. The Physical layer
    4. The Data Link layer
  100. Mikayla is reviewing her organization's VoIP environment configuration and finds a diagram that shows the following design. What concern should she express?
    Schematic illustration of the design obtained from reviewing her organization’s VoIP environment configuration.
    1. The voice connection is unencrypted and could be listened to.
    2. There are no security issues in this diagram.
    3. The session initialization connection is unencrypted and could be viewed.
    4. Both the session initialization and voice data connection are unencrypted and could be captured and analyzed.
..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.
Reset
18.220.106.241