Deck 6 Flashcards
Which alternate site allows for fastest disaster recovery?
Hot Site.
In active-active configuration, network traffic is distributed across?
All designated network devices.
Which of the following networking protocols provide(s) redundancy?
VRRP.
FHRP.
VRRP is Virtual Router Redundancy Protocol and provides for automatic assignment of IP routers to hosts. VRRP increases the availability and reliability of routing paths via autmatic default gateway selections on an IP subnet. It does so via the creation of virtual routers (primary/active and secondary/standby) acting as a group. The virtual router is assigned to act as a default gateway of hosts, instead of a physical router.
FHRP or First Hop Redundancy Protocol provides redundancy to the gateway router within an organization’s network by using a virtual IP and MAC address. It protects the default gateway on a subnet by allowing two or more routers to provide backup.
Which of the protocols listed below enable(s) designating a backup router in the event of an active router failure?
VRRP.
HSRP.
HSRP is Hot Standby Router Protocol (a FHRP) that provides redundancy for IP networks by allowing two or more routers to share a virtual IP and MAC address. HSRP protects the default gateway on a subnet by allowing two or more routers to provide backup.
Which of the following terms is used to describe an average time required to repair a failed component or device?
MTTR.
Mean Time To Repair.
High MTBF value indicates that a component or system provides low reliability and is more likely to fail.
False.
Mean Time Between Failures.
Which of the acronyms listed below refers to a maximum tolerable period of time required for restoring business functions after a failure or disaster?
RTO (not RPO).
RTO is Recovery Time Objective and is a metric that measures the maximum amoutn of time that an application, system or process can be down without causing significant damage to the business.
In Business Continuity Planning (BCP), the maximum tolerable point in time to which systems and data must be recovered after an outage is called?
RPO.
RPO is Recovery Point Objective and is the maximum amount of data loss an organization can tolerate before significant harm occurs.
Which of the security measures listed below would be effective against the malicious insider threat?
DLP System.
Principle of Least Privilege.
Usage Auditing and Review.
(NOT: Strong Authentication).
DLP System or Data Loss Prevention is a security solution that identifies and helps prevent unsafe or inappropriate sharing, transfer, or use of sensitive data across premise and cloud-based systems.
A lightly protected subnet (previously known as a DMZ) consisting of publicly available servers placed on the outside of the company’s firewall is called?
Screened Subnet.
Network Access Control (NAC) defines a set of rules enforced in a network that the clients attempting to access the network must comply with. With NAC, policies can be enforced before or after end-stations gain access to the network. NAC can be implemented as pre-admission NAC where a host must, for example, be virus free or have patches applied before it can be allowed to connect to the network, and/or post-admission NAC, where a host is being granted/denied permissions based on its actions after it has been provided with the access to the network.
True.
802.1X is an IEEE standard for implementing?
Port-based NAC.
What are the characteristics of TACACS+?
Encrypts the entire payload of the access-request packet.
Primarily used for device administration (not network access).
Separates authentication and authorization.
What are the characteristic features of RADIUS?
Primarily used for network access.
Combines authenication and authorization.
Encrypts only the password in the access-request packet.
Which of the following authentication protocols can be used to enable SSO?
Kerberos.
