Ch 7: Virtualization and Cloud Computing

Question 1

Which type of cloud service model involves hardware services that are provided virtually, including network infrastructure devices such as virtual servers?

Answer 1

IaaS

Question 2

What cloud service model involves providing applications through an online user interface, providing for compatibility with a multitude of different operating systems and devices?

Answer 2

SaaS

Question 3

What type of scenario would be best served by using a Platform as a Service (PaaS) cloud model?

Answer 3

A group of developers needs access to multiple operating systems and the runtime libraries that the OS provides.

Question 4

When using public and private keys to connect to an SSH server from a Linux device, where must your public key be placed before you can connect?

Answer 4

In an authorization file on the host where the SSH server is.

Question 5

The combination of a public key and a private key are known by what term below?

Answer 5

key pair

Question 6

What security encryption protocol requires regular re-establishment of a connection and can be used with any type of TCP/IP transmission?

Answer 6

IPsec

Internet Protocol Security: A layer 3 protocol that defines encryption, authentication, and key management for TCP/IP transmissions.

Question 7

At what layer of the OSI model does the IPsec encryption protocol operate?

Answer 7

Network layer

Question 8

The PPP headers and trailers used to create a PPP frame that encapsulates Network layer packets vary between 8 and 10 bytes in size due to what field?

Answer 8

FCS

Frame Check Sequence: The field in a frame responsible for ensuring that data carried by the frame arrives intact.

Question 9

When using a site-to-site VPN, what type of device sits at the edge of the LAN and establishes the connection between sites?

Answer 9

VPN gateway

Question 10

Amazon and Rackspace both utilize what virtualization software below to create their cloud environments?

Answer 10

Citrix Xen

Question 11

What open-source VPN protocol utilizes OpenSSL for encryption and has the ability to possibly cross firewalls where IPsec might be blocked?

Answer 11

OpenVPN

Question 12

VMware Player and Linux KVM are both examples of what type of hypervisor?

Answer 12

Type 2 hypervisor

Question 13

Which statement regarding the use of a bridged mode vNIC is accurate?

Answer 13

The vNIC will use its own IP address on the physical LAN.

Question 14

When is it appropriate to utilize the NAT network connection type?

Answer 14

Whenever the VM does not need to be access at a known address by other network nodes.

Question 15

By default, what network connection type is selected when creating a VM in VMware, VirtualBox, or KVM?

Answer 15

NAT mode

Network address translation

Question 16

Which statement regarding the IKEv2 tunneling protocol is accurate?

Answer 16

IKEv2 offers fast throughput and good stability when moving between wireless hotspots.

Question 17

The use of certificate authorities to associate public keys with certain users is known by what term?

Answer 17

public-key infrastructure

Question 18

What is NOT a potential disadvantage of utilizing virtualization?

Answer 18

Virtualization software increases the complexity of backups, making creation of usable backups difficult.

Question 19

A vSwitch (virtual switch) or bridge is a logically defined device that operates at what layer of the OSI model?

Answer 19

Layer 2

Question 20

Which of the following virtualization products is an example of a bare-metal hypervisor?

Answer 20

Citrix XenServer

Question 21

In a software defined network, what is responsible for controlling the flow of data?

Answer 21

SDN controller

Question 22

What term is used to describe a space that is rented at a data center facility by a service provider?

Answer 22

point of presence (PoP)

Question 23

Which of the following statements regarding the Point-to-Point (PPP) protocol is NOT accurate?

Answer 23

PPP can support strong encryption, such as AH or ESP.

Question 24

Why is the telnet utility a poor choice for remote access to a device?

Answer 24

It provides poor authentication and no encryption.

Question 25

What statement regarding the SSH (Secure Shell) collection of protocols is accurate?

Answer 25

SSH supports port forwarding.

Question 26

In order to generate a public and private key for use with SSH, what command line utility should you use?

Answer 26

ssh-keygen

Question 27

Regarding VNC (Virtual Network Computing or Virtual Network Connection), what statement is accurate?

VNC: Software that uses the cross-platform protocol RFB (remote frame buffer) to remotely control a workstation or server.

Answer 27

VNC is open source, allowing companies to develop their own software based on VNC.

Question 28

Which file transfer protocol has no authentication or security for transferring files, uses UDP, and requires very little memory to use?

Answer 28

Trivial FTP (TFTP)

Question 29

What special enterprise VPN supported by Cisco devices creates VPN tunnels between branch locations as needed rather than requiring constant, static tunnels?

Answer 29

Dynamic Multipoint VPN

Question 30

Which of the following is NOT a task that a VPN concentrator is responsible for?

VPN concentrator: A specialized device that authenticates VPN clients, establishes tunnels for VPN connections, and manages encryption for VPN transmissions.

Answer 30

A VPN concentrator shuts down established connections with malicious traffic occurs.