Chapter 7

Question 1

An enterprise-wide VPN can include elements of both the client-to-site and site-to site
models.

Answer 1

True

Question 2

After L2TP establishing a VPN tunnel, GRE is used to transmit L2TP data frames
through the tunnel.

Answer 2

False

Question 3

PPP can support several types of Network layer protocols that might use the
connection.

Answer 3

True

Question 4

A community cloud is a service shared between multiple organizations, but not
available publicly.

Answer 4

True

Question 5

A Type 2 hypervisor installs on a computer before any OS, and is therefore called a
bare-metal hypervisor.

Answer 5

False

Question 6

Office 365 is an example of an SaaS implementation with a subscription model

Answer 6

True

Question 7

Digital certificates are issued, maintained, and validated by an organization called a
certificate authority (CA).

Answer 7

True

Question 8

The HTTPS (HTTP Secure) protocol utilizes the same TCP port as HTTP, port 80.

Answer 8

False

Question 9

FTPS (FTP Security or FTP Secure) and SFTP (Secure FTP) are two names for the
same protocol.

Answer 9

False

Question 10

The Virtual Network Computing (VNC) application uses the cross-platform remote
frame buffer (RFB) protocol.

Answer 10

True

Question 11

Which type of cloud service model involves hardware services that are provided
virtually, including network infrastructure devices such as virtual servers?

Answer 11

IaaS

Question 12

What cloud service model involves providing applications through an online user
interface, providing for compatibility with a multitude of different operating systems
and devices?

Answer 12

SaaS

Question 13

What type of scenario would be best served by using a Platform as a Service (PaaS)
cloud model?

Answer 13

A group of developers needs access to multiple operating systems and the
runtime libraries that the OS provides.

Question 14

When using public and private keys to connect to an SSH server from a Linux
device, where must your public key be placed before you can connect?

Answer 14

In an authorization file on the host where the SSH server is.

Question 15

The combination of a public key and a private key are known by what term below?

Answer 15

key pair

Question 16

What security encryption protocol requires regular re-establishment of a connection
and can be used with any type of TCP/IP transmission?

Answer 16

IPsec

Question 17

At what layer of the OSI model does the IPsec encryption protocol operate?

Answer 17

Network layer

Question 18

The PPP headers and trailers used to create a PPP frame that encapsulates Network
layer packets vary between 8 and 10 bytes in size due to what field?

Answer 18

FCS

Question 19

When using a site-to-site VPN, what type of device sits at the edge of the LAN and
establishes the connection between sites?

Answer 19

VPN gateway

Question 20

Amazon and Rackspace both utilize what virtualization software below to create
their cloud environments?

Answer 20

Citrix Xen

Question 21

What open-source VPN protocol utilizes OpenSSL for encryption and has the ability
to possibly cross firewalls where IPsec might be blocked?

Answer 21

OpenVPN

Question 22

VMware Player and Linux KVM are both examples of what type of hypervisor?

Answer 22

Type 2 hypervisor

Question 23

Which statement regarding the use of a bridged mode vNIC is accurate?

Answer 23

The vNIC will its own IP address on the physical LAN.

Question 24

When is it appropriate to utilize the NAT network connection type?

Answer 24

Whenever the VM does not need to be access at a known address by other
network nodes.

Question 25

By default, what network connection type is selected when creating a VM in
VMware, VirtualBox, or KVM?

Answer 25

NAT mode

Question 26

Which statement regarding the IKEv2 tunneling protocol is accurate?

Answer 26

IKEv2 offers fast throughput and good stability when moving between
wireless hotspots.

Question 27

The use of certificate authorities to associate public keys with certain users is known
by what term?

Answer 27

public-key infrastructure

Question 28

What is NOT a potential disadvantage of utilizing virtualization?

Answer 28

Virtualization software increases the complexity of backups, making
creation of usable backups difficult.

Question 29

A vSwitch (virtual switch) or bridge is a logically defined device that operates at
what layer of the OSI model?

Answer 29

Layer 2

Question 30

Which of the following virtualization products is an example of a bare-metal
hypervisor?

Answer 30

Citrix XenServer

Question 31

In a software defined network, what is responsible for controlling the flow of data?

Answer 31

SDN controller

Question 32

What term is used to describe a space that is rented at a data center facility by a
service provider?

Answer 32

point of presence (PoP)

Question 33

Which of the following statements regarding the Point-to-Point (PPP) protocol is
NOT accurate?

Answer 33

PPP can support strong encryption, such as AH or ESP.

Question 34

Why is the telnet utility a poor choice for remote access to a device?

Answer 34

It provides poor authentication and no encryption.

Question 35

What statement regarding the SSH (Secure Shell) collection of protocols is accurate?

Answer 35

SSH supports port forwarding

Question 36

In order to generate a public and private key for use with SSH, what command line
utility should you use?

Answer 36

ssh-keygen

Question 37

Regarding VNC (Virtual Network Computing or Virtual Network Connection), what
statement is accurate?

Answer 37

VNC is open source, allowing companies to develop their own software
based on VNC.

Question 38

Which file transfer protocol has no authentication or security for transferring files,
uses UDP, and requires very little memory to use?

Answer 38

Trivial FTP (TFTP)

Question 39

What special enterprise VPN supported by Cisco devices creates VPN tunnels
between branch locations as needed rather than requiring constant, static tunnels?

Answer 39

Dynamic Multipoint VPN

Question 40

Which of the following is NOT a task that a VPN concentrator is responsible for?

Answer 40

A VPN concentrator shuts down established connections with malicious
traffic occurs.