Chapt 8 Flashcards

Question 1

Q

Your company hosts its own web server, and it allows consumers to make purchases via the server. The help line has been getting complaints that users are unable to access the website. You open the site from an internal workstation and it seems fine. What is the most likely cause?

A) The firewall is blocking TCP port 23.
B) The firewall is blocking TCP port 443.
C) The security module of the web server is malfunctioning.
D) The web server is down.

Answer

A

The firewall is blocking TCP port 443.
For secure transactions, the web server will be using HTTPS, which uses port 443. If the website works from an internal workstation, then the server is fine. It’s most likely that the firewall is blocking inbound traffic on port 443. Port 23 is Telnet.

Question 2

Q

Your manager wants you to install a networked Internet appliance that prevents network traffic–based attacks and includes antimalware and antispam software. What should you install?

Spam gateway, Load balancer, UTM, Proxy server

Answer

A

UTM.
It sounds like the manager wants a unified threat management (UTM) device. They are designed to be one‐stop network protection devices. Spam gateways help with spam email but not with other malware. A load balancer spreads work around to multiple servers. A proxy server fulfills requests for clients.

Question 3

Q

You are installing a file server for the accounting department. Where should this file server be located on the network?

A) Outside of the firewall
B) In the screened subnet
C) In the secure network
D) On the router

Answer

A

In the secure network.
If the data on the server does not need to be accessed via the Internet, then the server should be in the most secure place possible, which is inside the firewall(s) in the secure network.

Question 4

Q

You have been asked to identify the right type of cloud service to help the team of developers to provide programming elements such as runtime environments. Which service do you recommend?

PaaS, IaaS, SaaS, DaaS

Answer

A

PaaS.
Platform as a service (PaaS) is probably the right level of service for the developer team. It provides infrastructure, like IaaS, and also supplies needed programming elements. Infrastructure as a service doesn’t provide runtime environments; think of it as hardware. Software as a service provides apps and is too high a service for what’s needed here. There is no current DaaS on the exam objectives.

Question 5

Q

Which of the following are services that a print server should provide? (Choose two.)

A) Accepting print jobs from clients
B) Turning off printers on demand
C) Providing clients with the appropriate printer driver during installation
D) Notifying users when the print job is complete

Answer

A

A) Accepting print jobs from clients
C) Providing clients with the appropriate printer driver during installation.

Print servers should make printers available to clients and accept print jobs. They also process print jobs and manage print priorities. Finally, they provide client computers with the right print drivers when the clients attempt to install the printer. They do not turn printers off on demand or provide notification that a job has printed.

Question 6

Q

You are setting up a cloud contract with a provider. Your team needs the ability to quickly increase capacity to meet peak demands. What do you request?

Rapid elasticity, High availability, Resource pooling, Metered utilization

Answer

A

Rapid elasticity.
The ability to expand services quickly means rapid elasticity. High availability guarantees uptime for services. All cloud services use resource pooling. Metered utilization is how many suppliers track usage and charge accordingly.

Question 7

Q

Which type of server is responsible for preventing users from accessing websites with objectionable content?

Proxy, Web, DHCP, DNS

Answer

A

Proxy.
A proxy server can be configured to block access to websites that contain potentially dangerous or inflammatory material. Web servers host web pages, some of which may have objectionable content. DHCP servers provide clients with IP addresses, and DNS servers resolve hostnames to IP addresses.

Question 8

Q

Your company wants to move to a cloud provider to be able to scale resources quickly, but it is concerned about the security of confidential information. Which of the following types of cloud models might be the most appropriate for your company?

Public, Private, Community, Hybrid

Answer

A

Hybrid.
A hybrid cloud provides the best of public and private clouds. You get the scalability and cost effectiveness of a public cloud but also the security that you need for important files on the private portion of the cloud.

Question 9

Q

What does a DHCP server need to be configured with to operate properly?

DNS server, Scope, Range, DHCP relay agent

Answer

A

Scope.
Every DHCP server needs to have a scope, which is the range of addresses available to clients, as well as other options that it can give to client computers. A DHCP server can optionally provide clients with the address of a DNS server. There is no DHCP range. A DHCP relay agent is a system configured on a subnet with no DHCP server that relays DHCP requests to the DHCP server.

Question 10

Q

You have been asked to advise a group of several universities that want to combine research efforts and store data in the cloud. Which type of cloud solution might be best for them?

Public, Private, Community, Hybrid

Answer

A

Community.
When multiple organizations with similar objectives want to combine efforts in a cloud, the best choice is generally a community cloud. This allows for the flexibility and scalability normally found in a public cloud, but it also limits the number of users to a smaller, trusted group.

Question 11

Q

When configuring a DNS server, administrators must create which of the following?

Zone file, Hosts file, Scope file, DNS proxy

Answer

A

Zone file.
DNS server records are contained in the zone file, which must be configured by administrators. A hosts file is an alternative to using DNS (but that does not work well when scaling to the Internet). A scope is created on DHCP servers. There is no DNS proxy.

Question 12

Q

Your manager wants to use the cloud because everyone seems to be talking about it. What should you include when you are listing the benefits of using the cloud? (Choose all that apply.)

Increased security, Increased scalability, Lower cost, Improved reliability

Answer

A

Increased scalability, Lower cost, Improved reliability.

Cloud solutions are great for enhancing scalability and reliability while generally lowering costs. Security could be an issue with cloud computing, depending on your organization’s needs, because the resources aren’t locally controlled and managed.

Question 13

Q

You are configuring two email servers on your company’s network. Which network protocol do the servers use to transfer mail to each other?

POP3, IMAP4, SNMP, SMTP

Answer

A

SMTP.
Simple Mail Transfer Protocol (SMTP) is used to transfer (send) email between servers. POP3 and IMAP4 are used to download (receive) email. SNMP is Simple Network Management Protocol and not related to email.

Question 14

Q

You have been asked to configure a client-side virtualization solution with three guest OSs. Each one needs Internet access. How should you configure the solution in the most cost-effective way?

A) Three physical NICs
B) One physical NIC, three virtual NICs, and one virtual switch
C) One physical NIC, one virtual NIC, and three virtual switches
D) One physical NIC, three virtual NIC, and three virtual switches

Answer

A

B. Each virtual machine will use its own virtual NIC, so you need three virtual NICs. The virtual NICs will communicate with one virtual switch managed by the hypervisor. The virtual switch will communicate with one physical NIC on the host system.

Question 15

Q

You have five web servers that manage requests for online purchases. An administrator notices that one of the servers is always busy while another is idle, and the company is getting some online complaints about the slow website. Which of the following servers will help fix this?

DNS, DHCP, Proxy, Load balancer

Answer

A

Load balancer.
A load balancer can spread the work around to multiple servers. It accepts the inbound request and then sends it to the most appropriate web server. DNS resolves hostnames to IP addresses. DHCP provides IP configuration information. A proxy makes requests (usually outbound) on behalf of clients.

Question 16

Q

you have been asked to install Linux in a VM on a Windows 10 client. The Windows 10 client needs 4 GB of RAM, and Linux needs 2 GB of RAM. How much RAM does the system need at a minimum?

4 GB, 6 GB, 8 GB, Unable to determine from the question

Answer

A

6 GB.
There needs to be enough RAM to support both OSs, so the answer is 6 GB. More is better, though!

Question 17

Q

A computer using which of the following would be considered a legacy device? (Choose all that apply.)

A) A 386 processor
B) The IPX/SPX protocol
C) An application developed in 1983
D) 1 GB of RAM

Answer

A

A, B, C. Legacy systems are ones that use older hardware, software, or network protocols that are not commonly used today. A system with only 1 GB of RAM might be woefully underpowered, but that in and of itself does not make it a legacy system.

Question 18

Q

You have been asked to set up client-side virtualization on an office computer. The host OS is Windows 10, and there will be three Windows 10 guest OSs. Which of the following is true about the need for antivirus security?

A) The host OS needs an antivirus program, but virtual machines can’t be affected by viruses.
B) The host OS antivirus software will also protect the guest OSs on the VMs.
C) Installing antivirus software on the virtual switch will protect all guest OSs.
D) The host OS and each guest OS need their own antivirus software installed.

Answer

A

D. Each instance of the OS you are running requires its own security software.

Question 19

Q

You need to set up a temporary operating system environment to quickly test a piece of software your manager wants to install on the network. Which should you use?

AAA server, Sandbox, SCADA, Application virtualization

Answer

A

Sandbox.
A sandbox is a temporary operating system environment, kind of like a “lite” version of a virtual machine. It’s ideal for testing software such as this. An AAA server is for authentication, authorization, and accounting of security. SCADA is a legacy hardware and/or software environment used to control industrial systems. Application virtualization is used for legacy apps or cross‐platform virtualization.

Question 20

Q

You have been asked to set up client-side virtualization on a computer at work. The manager asks for a Type 2 hypervisor. What is the disadvantage of using that type of hypervisor?

A) The guest OS will compete for resources with the host OS.
B) The guest OS will be forced to a lower priortity with the CPU than the host OS.
C) The guest OS will be forced to use less RAM than the host OS.
D) The virtual guest OS will not be able to get on the physical network.

Answer

A

A.
A Type 2 hypervisor sits on top of an existing OS, meaning that OSs installed in VMs will compete for resources with the host OS. The amount of resources available to a guest OS can be configured. Virtual OSs can get on the physical network if configured properly.

Question 21

Q

a demilitarized zone [DMZ] is also called a ?

Answer

A

screened subnet = demilitarized zone [DMZ]

Question 22

Q

? servers resolve hostnames to IP addresses

Question 23

Q

Each DNS server has a database, called a _____, which maintains records of hostname to IP address mappings.

Answer

A

zone file

Question 24

Q

DHCP servers are configured with a _____, which contains the information that the server can provide to clients

Question 25

Q

a ____ is a device primarily used for storage on a network

Answer

A

fileshare (or FileServer)

Question 26

Q

what is a configured range of available IP addresses on a DHCP (Dynamic Host Configuration Protocol) server called?

Question 27

Q

DNS (domain name system) server records for IPv4 and IPv6 hosts are ___ and ____

Answer

A

A, AAAA (authentication, authorization, accounting and auditing)

Question 28

Q

DHCP (dynamic host configuration protocol uses ports _____ and _____

Answer

A

UDP 67 and UDP 68

Question 29

Q

a _____ server can block objectionable content from users

Question 30

Q

a RADIUS (Remote Authentication Dial-in User Service) server is an example of what type of server?

Answer

A

authentication

Question 31

Q

a device that combines firewall, IPS (intrusion prevention system) and anti malware software in one is called what ?

Answer

A

UTM (Unified Threat Management)

Question 32

Q

what is a name for a legacy system that manages industrial processes such as manufacturing or HVAC?

Answer

A

SCADA (supervisory control and data acquisition)

Question 33

Q

a ________ server receives print jobs and manages printers on a network

Question 34

Q

a server that manages and audits security on a network is a _____ server

Answer

A

AAA (authentication, authorization and accounting)

Question 35

Q

what type of server examines user credentials and grants them access to network resources?

Answer

A

authentication

Question 36

Q

mail servers use which protocol and port to transfer mail between themselves?

Question 37

Q

what type of internet appliance helps spread out the work for web servers?

Answer

A

load balancer

Question 38

Q

which type of server is used to collect messages, such as error codes or security events, from devices on the network?

Question 39

Q

what is the term for cloud service where the provider offers applications

Answer

A

SaaS (software as a service)

Question 40

Q

what type of cloud is completely owned by a company like Google but used by business clients?

Question 41

Q

the ability to access extra cloud resources quickly is called what?

Answer

A

rapid elasticity

Question 42

Q

what type of hyper visor is also referred to as a bare metal hypervisor?

Question 43

Q

what is the term for cloud service where the provider offers storage only?

Answer

A

Iaas (infrastructure as a service)

Question 44

Q

what is the name of the software that allows for multiple VMs on a client computer?

Answer

A

hypervisor

Question 45

Q

what type of cloud is owned and used by an individual company?

Question 46

Q

the ability of a cloud provider to bundle multiple physical servers together to appear as one set of resources to the client is called what ?

Answer

A

resource pooling

Question 47

Q

hypervisors manage VM network traffic and communicate to the physical NIC (network interface card) by using what ?

Answer

A

virtual switch

Question 48

Q

____ servers resolve hostnames to IP addresses

Question 49

Q

Each DNS server has a database, called a _____, which maintains records of hostname to IP address mappings.

Answer

A

zone file

Question 50

Q

DHCP servers are configured with a _____, which contains the information that the server can provide to clients.

Question 51

Q

Sending email and transferring email between mail servers is what protocol and port?

Question 52

Q

receiving email is what port and protocol?

Answer

A

Pop3 110
Imap4 143

Question 53

Q

Syslog uses what port?

Question 54

Q

User ______ happens when the system being logged into validates that the user has proper credentials

Answer

A

authentication

Question 55

Q

Once it’s determined who the user is, the next step in access control is determining what the user can do. This is called _____

Answer

A

authorization

Question 56

Q

This states that users should be granted only the least amount of access required to perform their jobs, and no more

Answer

A

principle of least privilege

Question 57

Q

____ seeks to keep a record of who accessed what and when, and the actions they performed.

Answer

A

Accounting

Question 58

Q

A ____ ______ is an appliance that blocks malicious emails from entering a network

Answer

A

spam gateway

Question 59

Q

An ____ is a passive device. It watches network traffic, and it can detect anomalies that might represent an attack.

Answer

A

intrusion Detection System IDS

Question 60

Q

_____ is an active device. It too monitors network traffic, but when it detects an anomaly, it can take actions to attempt to stop the attack.

Answer

A

intrusion prevention system IPS

Question 61

Q

The goal of ____ ____ ____ is to centralize security management, allowing administrators to manage all their security-related hardware and software through a single device or interface

Answer

A

unified threat management (UTM)

Question 62

Q

A ___ ____ makes requests for resources on behalf of a client

Answer

A

proxy server

Question 63

Q

SCADA

Answer

A

supervisory control and data acquisition

Question 64

Q

Let’s say that a company needs extra network capacity, including processing power, storage, and networking services (such as firewalls) but doesn’t have the money to buy more network hardware. they would get what service?

Answer

A

Infrastructure as a Service

Answer 51

A

Accepting print requests
Making printers available on the network

Print servers handle the following important functions:
-Making printers available on the network
-Accepting print requests
-Managing print requests (in the print queue)
-In some cases, processing and storing print jobs

Answer 52

A

Internet

Internet is not covered under Legacy systems. These systems are defined as the ones using the old technology and one or more of the following areas:
Hardware, software ( applications or operating system ), Network protocols

Answer 53

A

Resource pooling
On demand self service
Elasticity

NIST National Institute of Standards and technology defined the following five elements, which a cloud computing service must have:
- on demand self service
- broad network access
- resource pooling
- rapid elasticity
- measured service

Answer 54

A

Community

A private cloud is a cloud computing method where the cloud infrastructure is operated solely for a single organization.

Answer 55

A

Proxy server
SCADA

Answer 56

A

Hybrid

A hybrid cloud is a combination of two or more clouds that remain distinct but are bound together, offering the benefits of multiple deployment models. It uses a mix of on-premises, private cloud, and third-party public cloud services with orchestration between the two platforms.

Answer 57

A

To split up Banks of servers for handling specific types of requests

For example, one group of servers could handle web requests, while a second set hosts streaming video, and a third set manages downloads.

Answer 58

A

Hybrid

A hybrid Cloud provides the best capabilities of public and private clouds. You get the scalability and cost effectiveness of a public Cloud but also the security that you need for important files on the private portion of the cloud.

Answer 59

A

Emergency

0 emergency - a panic condition when the system is unusable
1 alert - immediate action needed
2 critical- major errors in the system
3 error - normal error conditions
4 warning Dash warning conditions, usually not as urgent as errors
5 notice - normal operation but a condition has been met
6 information- provides general information
7 debug - information used to help debug programs

Answer 60

A

A, B, C

Increased scalability
lower cost
Improved reliability

Answer 61

A

Metered utilization

Answer 62

A

NIDS

Network intrusion detection system

Answer 63

A

Query the root DNS server

If a DNS server is unable to resolve a name (and it checks it s cache after it checks its Zone file) , it will query the root DNS server.

Answer 64

A

It is configured with a scope, which contains the information that the server can provide to the clients.

DHCP servers need at least one scope, but they can also have more than one.

Answer 65

A

Spam Gateway
unified threat management

Load balancers help spread the workload and proxy servers make requests on behalf of clients

Answer 66

A

Accepting print jobs from clients
providing clients with the appropriate printer driver during installation

Answer 67

A

Scope

Every Dynamic host configuration protocol server needs to have a scope, which is the range of addresses available to clients, as well as other options that it can give to client computers. A DHCP server can optionally provide clients with the address of a DNS server. There is no DHCP range. A DHCP relay agent is a system configured on a subnet with no DHCP server that relays DHCP requests to the DHCP server

Answer 68

A

Zone file

Domain name system server records are contained in the zone file, which must be configured by administrators

Answer 69

A

In the secure network

If the data on the server does not need to be accessed via the internet, then the server should be in the most secure place possible, which is inside the firewall in the secure network

Answer 70

A

Install a DHCP relay agent on subnet B

Dynamic host configuration protocol requests are made via broadcast and will not travel through the router. It is never a good idea to allow routers to forward broadcasts. You could install a second DHCP server, but that is inefficient.

Answer 71

A

It can be located in two places, on the cloud or on an internal Network

Answer 72

A

Virtualizing Legacy software
cross platform virtualization

Brainscape's Knowledge GenomeTM

Chapt 8 Flashcards

Brainscape's Knowledge Genome^TM