Скачать книгу

has two primary locations in a town and wants the two environments to appear like the same local network. Each location has a router, switches, and wireless access points deployed to them. What technology would best work to allow her to have the two facilities appear to be on the same network segment?SDWANVXLAN VMWANiSCSI

      54 Segmentation, sequencing, and error checking all occur at what layer of the OSI model that is associated with SSL, TLS, and UDP?The Transport layerThe Network layerThe Session layerThe Presentation layer

      55 The Windows ipconfig command displays the following information:BC-5F-F4-7B-4B-7DWhat term describes this, and what information can usually be gathered from it?The IP address, the network location of the systemThe MAC address, the network interface card's manufacturerThe MAC address, the media type in useThe IPv6 client ID, the network interface card's manufacturer

      56 Chris has been asked to choose between implementing PEAP and LEAP for wireless authentication. What should he choose, and why?LEAP, because it fixes problems with TKIP, resulting in stronger securityPEAP, because it implements CCMP for securityLEAP, because it implements EAP-TLS for end-to-end session encryptionPEAP, because it can provide a TLS tunnel that encapsulates EAP methods, protecting the entire session

      57 Ben is troubleshooting a network and discovers that the NAT router he is connected to has the 192.168.x.x subnet as its internal network and that its external IP is 192.168.1.40. What problem is he encountering?192.168.x.x is a nonroutable network and will not be carried to the internet.192.168.1.40 is not a valid address because it is reserved by RFC 1918.Double NATing is not possible using the same IP range.The upstream system is unable to de-encapsulate his packets, and he needs to use PAT instead.

      58 What is the default subnet mask for a Class B network?255.0.0.0255.255.0.0255.254.0.0255.255.255.0

      59 Jim's organization uses a traditional PBX for voice communication. What is the most common security issue that its internal communications are likely to face, and what should he recommend to prevent it?Eavesdropping, encryptionMan-in-the-middle attacks, end-to-end encryptionEavesdropping, physical securityWardialing, deploy an IPS

      60 What technical difference separates wireless communication via WiFi and LiFi?LiFi is not susceptible to electromagnetic interference.LiFi cannot be used to deliver broadband speeds.WiFi is not susceptible to electromagnetic interference.WiFi cannot be used to deliver broadband speeds.

      61 Selah's organization has deployed VoIP phones on the same switches that the desktop PCs are on. What security issue could this create, and what solution would help?VLAN hopping; use physically separate switches.VLAN hopping; use encryption.Caller ID spoofing; MAC filtering.Denial-of-service attacks; use a firewall between networks.For questions 62–65, please refer to the following scenario:Susan is designing her organization's new network infrastructure for a branch office.

      62 Susan wants to use a set of nonroutable IP addresses for the location's internal network addresses. Using your knowledge of secure network design principles and IP networking, which of the following IP ranges are usable for that purpose? (Select all that apply.)172.16.0.0/12192.168.0.0/16128.192.0.0/2410.0.0.0/8

      63 Susan knows that she will need to implement a WiFi network for her customers and wants to gather information about the customers, such as their email address, without having to provide them with a wireless network password or key. What type of solution would provide this combination of features?NACA captive portalPre-shared keysWPA3's SAE mode

      64 With her wireless network set up, Susan moves on to ensuring that her network will remain operational even if disruptions occur. What is the simplest way she can ensure that her network devices, including her router, access points, and network switches, stay on if a brownout or other temporary power issue occurs?Purchase and install a generator with an automatic start.Deploy dual power supplies for all network devices.Install UPS systems to cover all network devices that must remain online.Contract with multiple different power companies for redundant power.

      65 Susan wants to provide 10 gigabit network connections to devices in the facility where the new branch will operate. What connectivity options does she have for structured wiring that can meet those speeds? (Select all that apply.)Cat5eFiberCat6Coaxial cable

      66 Data streams occur at what three layers of the OSI model?Application, Presentation, and SessionPresentation, Session, and TransportPhysical, Data Link, and NetworkData Link, Network, and Transport

      67 Lucca wants to protect endpoints that are in production use but that are no longer supported and cannot be patched from network attacks. What should he do to best protect these devices?Install a firewall on the device.Disable all services and open ports on the devices.Place a hardware network security device in front of the devices.Unplug the devices from the network because they cannot be properly secured.

      68 Selah's networking team has been asked to identify a technology that will allow them to dynamically change the organization's network by treating the network like code. What type of architecture should she recommend?A network that follows the 5-4-3 ruleA converged networkA software-defined networkA hypervisor-based network

      69 Jason knows that protocols using the OSI model rely on encapsulation as data moves from layer to layer. What is added at each layer as data flows up the OSI layers?Information is added to the header.Information is added to the main body of the data.The data is encrypted with a new secret key.A security envelope that provides perfect forward secrecy

      70 During a troubleshooting process, the support technician that Alyssa is talking to states that the problem is a layer 3 problem. Which of the following possible issues is not a layer 3 problem?A TTL mismatchAn MTU mismatchAn incorrect ACLA broken network cable

      71 During a review of her organization's network, Angela discovered that it was suffering from broadcast storms and that contractors, guests, and organizational administrative staff were on the same network segment. What design change should Angela recommend?Require encryption for all users.Install a firewall at the network border.Enable spanning tree loop detection.Segment the network based on functional requirements.

      72 ICMP, RIP, and network address translation all occur at what layer of the OSI model?Layer 1Layer 2Layer 3Layer 4For questions 73–75, please refer to the following scenario:Ben is an information security professional at an organization that is replacing its physical servers with cloud-hosted virtual machines. As the organization builds its virtual environment, it is moving toward a hybrid cloud operational model with some systems and services remaining in its local data center and others hosted in the cloud. The following diagram shows the local data center and cloud VPC's network IP ranges, which you should consider as you answer the questions.

      73 Ben wants to ensure that the instance-to-instance (system-to-system) traffic in his cloud-hosted infrastructure as a service environment is secure. What can he do to fully ensure that the virtualized network traffic is not being captured and analyzed?Prevent the installation of a packet sniffer on all hosts.Disable promiscuous mode for all virtual network interfaces.Disallow the use of any virtual taps.Encrypt all traffic between hosts.

      74 What issue is most likely to occur due to the subnets configured for the data center and VPC?IP address conflictsRouting loopsMAC address conflictsAll of the above

      75 Ben wants to use multiple internet service providers (ISPs) to connect to his cloud VPC to ensure reliable access and bandwidth. What technology can he use to manage and optimize those connections?FCoEVXLANSDWANLiFi

      76 WPA2's Counter Mode Cipher Block Chaining Message Authentication Mode Protocol (CCMP) is based on which common encryption scheme?DES3DESAESTLS

      77 When a host on an Ethernet network detects a collision and transmits a jam signal, what happens next?The host that transmitted the jam signal is allowed to retransmit while all other hosts pause until that transmission is received successfully.All hosts stop transmitting, and each host waits a random period of time before attempting to transmit again.All hosts stop transmitting, and each host waits a period of time based on how recently it successfully transmitted.Hosts wait for the token to be passed and then resume transmitting data as they pass the token.

      78 Mark is concerned about the physical security of his network cables. What type of network connection would be the hardest to tap without specialized equipment?WiFiBluetoothCat5/Cat6

Скачать книгу