62 Questions
In its primary functionality, a network-attached storage (NAS) device is most closely associated with which of the following devices?
File server
Which of the following statements about differences between Network-Attached Storage (NAS) and Storage Area Networks (SANs) are true? (Choose all that apply)
NAS provides file-level storage access, whereas SAN provides block-level storage access.
Which of the following statements specify advantages of FCoE over the original Fibre Channel standard? (Choose all that apply)
FCoE can share a network with standard IP traffic, whereas Fibre Channel cannot.
Which of the following are Application layer protocols that network-attached storage (NAS) devices can use to serve shared files to clients on the network? (Choose all that apply)
NFS
Which of the following is not one of the advantages of iSCSI over Fibre Channel?
iSCSI is routable, whereas Fibre Channel is not.
Which of the following is the term for the client that accesses an iSCSI device on a storage area network?
Initiator
Which of the following protocols are included in an iSCSI packet on a storage area network (SAN)? (Choose all that apply)
IP
Which of the following protocol standards defines a layered implementation that does not correspond to the layers of the Open Systems Interconnection (OSI) model?
PPP
Which of the following protocols are included in an FCoE packet?
Ethernet
Ralph, the administrator of a 500-node private internetwork, is devising a plan to connect the network to the Internet. What is the true statement about Ralph's proposed Internet access solution?
The proposal satisfies the primary objective and one of the secondary objectives.
Which of the following is not a mechanism for distributing incoming network traffic among multiple servers?
VPN headend
Which of the following is not a function typically provided by a unified threat management (UTM) appliance?
Network-attached storage
A multilayer switch can operate at which layers of the Open Systems Interconnection (OSI) model? (Choose all that apply)
Application
Control plane policing (CPP or CoPP) is a feature on some routers and switches that limits the rate of traffic on the device's processor to prevent denial-of-service (DoS) and reconnaissance attacks. It uses which of the following technologies?
QoS
Which of the following is a device that switches calls between endpoints on the local IP network and provides access to external Internet lines?
VoIP gateway
Which of the following is the true definition of the term modem?
A device that connects a computer to the public switched telephone network (PSTN)
Which of the following terms are used to describe the device used to place calls on a Voice over Internet Protocol (VoIP) installation? (Choose all that apply)
Endpoint
Which of the following devices enables you to use a standard analog telephone to place calls using the Internet instead of the public switched telephone network (PSTN)?
VoIP gateway
Which of the following prevents packets on a TCP/IP internetwork from being transmitted endlessly from router to router?
Time to live (TTL)
Which of the following is the abbreviation for a network of Internet data centers supplying end users with localized access to their data?
CDN
Which of the following best describes the function of a firewall?
A device located between two networks that enables administrators to restrict incoming and outgoing traffic
Which of the following terms is used to describe the method by which a firewall examines the port numbers in Transport layer protocol headers?
Service-dependent filtering
Which of the following criteria does a firewall capable of service-dependent filtering use to block traffic?
Port numbers
Which of the following devices perform essentially the same function?
Bridges
Which of the following switch types immediately forwards frames after looking at only the destination address?
Cut-through
Which of the following is something that only a firewall capable of stateful packet inspection can do?
Scan Transport layer header fields for evidence of SYN floods
Which of the following statements about hubs and switches are true?
Switches create a separate broadcast domain for each connected device, whereas hubs create a single broadcast domain for all of the connected devices
Which of the following statements about switches and routers are true?
Routers operate at the Network layer, whereas switches operate at the Data link layer
Which of the following types of systems are frequently used to collect information from intrusion detection systems (IDSs)?
SIEM
Which of the following statements about routers are true?
Routers are Network layer devices that use IP addresses to forward frames
A load balancer is a type of which of the following devices?
Switch
Which of the following best describes the function of a firewall?
A device located between two networks that enables administrators to restrict incoming and outgoing traffic
Which of the following terms is used to describe the method by which a firewall examines the port numbers in Transport layer protocol headers?
Service-dependent filtering
Which of the following physical network devices can conceivably be implemented as software in a computer's operating system?
Firewall
Which of the following criteria does a firewall capable of service-dependent filtering use to block traffic?
Port numbers
Ralph wants to ensure protection from unauthorized Internet traffic and attacks against open ports. Which solution would enable him to accomplish this goal with minimum cost to the client?
Install a hardware firewall between the multifunction device and the cable modem
Which of the following statements about hubs and switches are true?
Switches create a separate broadcast domain for each connected device, whereas hubs create a single broadcast domain for all of the connected devices
Which of the following devices perform essentially the same function?
Hubs
Which of the following switch types immediately forwards frames after looking at only the destination address?
Cut-through
Which of the following is something that only a firewall capable of stateful packet inspection can do?
Scan Transport layer header fields for evidence of SYN floods
Which of the following are methods typically used by intrusion detection systems (IDSs) to analyze incoming network traffic?
Anomaly-based detection
In its primary functionality, a network-attached storage (NAS) device is most closely associated with which of the following devices?
File server
Which of the following statements about the differences between network-attached storage (NAS) and storage area networks (SANs) are true? (Choose all that apply)
SAN devices have an operating system, whereas NAS devices do not.
Which of the following statements specify advantages of FCoE over the original Fibre Channel standard? (Choose all that apply)
FCoE is less expensive to implement than Fibre Channel.
Which of the following are Application layer protocols that network-attached storage (NAS) devices can use to serve shared files to clients on the network? (Choose all that apply)
NFS
Which of the following is not one of the advantages of iSCSI over Fibre Channel?
iSCSI includes its own internal flow control mechanism, whereas Fibre Channel does not.
Which of the following is the term for the client that accesses an iSCSI device on a storage area network?
Initiator
Which of the following protocols are included in an iSCSI packet on a storage area network (SAN)? (Choose all that apply)
IP
Which of the following protocols are included in a Fibre Channel packet?
None of the above
Which of the following protocol standards defines a layered implementation that does not correspond to the layers of the Open Systems Interconnection (OSI) model?
PPP
Which of the following protocols are included in an FCoE packet?
Ethernet
Ralph, the administrator of a 500-node private internetwork, is devising a plan to connect the network to the Internet. Which statement about Ralph's proposed Internet access solution is true?
The proposal satisfies the primary objective and both of the secondary objectives.
Which of the following is not a mechanism for distributing incoming network traffic among multiple servers?
VPN headend
Which of the following is not a function that is typically provided by a unified threat management (UTM) appliance?
Network-attached storage
A multilayer switch can operate at which layers of the Open Systems Interconnection (OSI) model? (Choose all that apply)
Session
Control plane policing (CPP or CoPP) is a feature on some routers and switches that limits the rate of traffic on the device's processor to prevent denial-of-service (DoS) and reconnaissance attacks, using which of the following technologies?
QoS
Which of the following is a device that switches calls between endpoints on the local IP network and provides access to external Internet lines?
VoIP gateway
Which of the following is the true definition of the term modem?
A device that converts analog signals to digital signals and back again
Which of the following terms are used to describe the device used to place calls on a Voice over Internet Protocol (VoIP) installation? (Choose all that apply)
Terminal
Which of the following devices enables you to use a standard analog telephone to place calls using the Internet instead of the public switched telephone network (PSTN)?
VoIP gateway
Which of the following prevents packets on a TCP/IP internetwork from being transmitted endlessly from router to router?
Time to live (TTL)
Which of the following is the abbreviation for a network of Internet data centers supplying end users with localized access to their data?
CDN
Study Notes
Here are the study notes:
Networking Appliances, Applications, and Functions
- Firewall: a device located between two networks that restricts incoming and outgoing traffic; capable of service-dependent filtering, stateful packet inspection, and deep packet inspection.
- Router: a device that connects two networks together, forwarding traffic between them as needed.
- Switch: a device that connects multiple devices within a network, forwarding packets to the intended recipient.
- Hub: a simple network device that connects multiple devices, repeating incoming data signals to all connected devices.
- Bridge: a device that connects two networks, forwarding packets between them based on MAC addresses.
- Proxy Server: a device that acts as an intermediary between a client and a server, providing anonymity and security.
- Load Balancer: a device that distributes incoming network traffic among multiple servers to improve responsiveness and availability.
- IDS/IPS: a system that monitors network traffic for signs of unauthorized access or malicious activity.
Network Security
- NAT: a technique that allows multiple devices to share a public IP address when accessing the Internet.
- Stateful Packet Inspection: a firewall feature that tracks the state of network connections to ensure only authorized traffic is allowed.
- Deep Packet Inspection: a firewall feature that examines the contents of packets to identify and block malicious traffic.
- Intrusion Detection/Prevention Systems (IDS/IPS): systems that monitor network traffic for signs of unauthorized access or malicious activity.
Network Protocols and Technologies
- Fibre Channel: a high-speed storage networking technology used in SANs.
- iSCSI: a protocol that allows SCSI commands to be sent over TCP/IP networks.
- FCoE: a protocol that enables Fibre Channel packets to be transmitted over Ethernet networks.
- SAN: a dedicated high-speed network for storage devices, providing block-level access.
- NAS: a device that provides file-level access to shared files over a network.
Network Architecture and Design
- Multilayer Switch: a device that operates at multiple OSI layers, providing routing, switching, and other functions.
- Unified Threat Management (UTM) Appliance: a device that integrates multiple security functions, including firewalling, antivirus, and intrusion detection.
- Virtual Private Networking (VPN): a technology that enables secure, encrypted connections over the Internet.
- Quality of Service (QoS): a technique for ensuring network traffic is prioritized and managed to meet performance requirements.
Other Networking Concepts
- Content Filtering: a feature that blocks access to specific websites or content based on administrator-defined rules.
- Load Balancing: a technique for distributing incoming network traffic among multiple servers.
- CGN: a technique for extending the availability of IPv4 addresses using NAT and other technologies.
- DoS/DDoS: types of attacks that overwhelm a network or system with traffic in order to make it unavailable.
I hope these study notes are helpful!
Networking Appliances, Applications, and Functions
- A firewall is a device that restricts incoming and outgoing traffic between two networks, and can be used to block traffic destined for specific IP addresses or ports.
- Stateful packet inspection is a method used by firewalls to examine the port numbers in Transport layer protocol headers.
- A firewall capable of service-dependent filtering uses port numbers to block traffic.
- A hub is a physical network device that operates only at the Physical layer, whereas a switch operates at the Data link layer.
- A switch is a multiport bridge that forwards frames based on MAC addresses.
- A router is a Network layer device that uses IP addresses to forward frames.
- An intrusion detection system (IDS) analyzes incoming network traffic using methods such as anomaly-based detection, behavior-based detection, and signature-based detection.
- A load balancer is a device that directs incoming traffic to one of a group of servers, and can use criteria such as server load, response time, or rotation to make its decision.
- A proxy server is a device that operates at the Application layer and can be used to cache Internet data for subsequent use by internal network clients.
Storage Area Networks (SANs)
- Fibre Channel is a protocol used for SANs that can achieve data transfer rates of up to 128 Gbps.
- iSCSI is a protocol used for SANs that allows for the sharing of a network medium with standard LAN traffic.
- FCoE (Fibre Channel over Ethernet) is a protocol that allows Fibre Channel traffic to be transmitted over Ethernet networks.
- Network-attached storage (NAS) devices provide file-level storage access, whereas SANs provide block-level storage access.
Network Security and Access Control
- Unified threat management (UTM) appliances provide a range of security features, including network firewall, antivirus/antimalware protection, and virtual private networking.
- Control plane policing (CPP or CoPP) is a feature that limits the rate of traffic on a device's processor to prevent denial-of-service (DoS) and reconnaissance attacks.
- A VPN (Virtual Private Network) headend is a device that terminates VPN connections and provides access to a network.
Voice over Internet Protocol (VoIP)
- A VoIP PBX (Private Branch Exchange) is a device that switches calls between endpoints on a local IP network and provides access to external Internet lines.
- A VoIP gateway is a device that enables the use of standard analog telephones to place calls using the Internet instead of the public switched telephone network (PSTN).
- A VoIP endpoint is a device that connects a local area network (LAN) to a VoIP network.
General Networking
- Time to live (TTL) is a mechanism that prevents packets on a TCP/IP internetwork from being transmitted endlessly from router to router.
- Content filtering in firewalls examines the data carried within packets for potentially objectionable materials.
Compare and contrast different networking appliances and their functions, including firewalls, routers, and more.
Make Your Own Quizzes and Flashcards
Convert your notes into interactive study material.
Get started for free
