CompTIA Network_ Practice Tests -1.2.pdf

Full Transcript

1.2 Compare and contrast networking appliances,
applications, and functions.
33. Which of the following best describes the function of a firewall?
A. A device located between two networks that enables
administrators to restrict incoming and outgoing traffic
B. A device that connects two networks together, forwarding
traffic between them as needed
C. A device that enables Internet network clients with private
IP addresses to access the Internet
D. A device that caches Internet data for subsequent use by
internal network clients
34. Which of the following terms is used to describe the method by
which a firewall examines the port numbers in Transport layer
protocol headers?
A. IP address filtering
B. Service-dependent filtering
C. Deep packet inspection (DPI)
D. Next-generation firewall (NGFW)
35. Which of the following physical network devices can conceivably
be implemented as software in a computer's operating system?
(Choose all that apply.)
A. Hub
B. Switch
C. Router
D. Firewall
36. Which of the following criteria does a firewall capable of service-
dependent filtering use to block traffic?
A. Hardware addresses
B. Protocol identifiers
 C. IP addresses
D. Port numbers
37. Ralph is a freelance network consultant installing a three-node
small business network. The computers are all in the same room
and use wired Ethernet to connect to the switched ports of a
multifunction device. The device also functions as a network
address translation (NAT) router for a cable modem connection
to the Internet. NAT provides a measure of security, but Ralph
wants to be sure that the network is protected from
unauthorized Internet traffic and attacks against open ports.
Which of the following solutions would enable Ralph to
accomplish this goal with the minimum cost to the client?
A. Install a hardware firewall between the multifunction device
and the cable modem.
B. Install an intrusion prevention system (IPS) between the
multifunction device and the cable modem.
C. Install a personal firewall on each of the computers.
D. Connect an intrusion detection system (IDS) to one of the
switched ports in the multifunction device.
E. Use a port scanner to monitor the traffic entering the open
ports on the computers.
38. Which of the following statements about hubs and switches are
true? (Choose all that apply.)
A. Hubs operate only at the Physical layer, whereas switches
operate only at the Network layer.
B. All of the devices connected to a hub are part of a single
collision domain, whereas each device connected to a switch
has its own collision domain.
C. There are switches available with Network layer
functionality, but there are no hubs with that capability.
D. Switches create a separate broadcast domain for each
connected device, whereas hubs create a single broadcast
domain for all of the connected devices.
39. Which of the following devices perform essentially the same
function? (Choose two.)
A. Hubs
B. Bridges
C. Switches
D. Routers
40. Which of the following switch types immediately forwards
frames after looking at only the destination address?
A. Cut-through
B. Source route
C. Store-and-forward
D. Destination
41. Which of the following is something that only a firewall capable
of stateful packet inspection can do?
A. Filter traffic-based port numbers
B. Block traffic destined for specific IP addresses
C. Scan Transport layer header fields for evidence of SYN
floods
D. Block all TCP traffic from entering a network
42. Which of the following are methods typically used by intrusion
detection systems (IDSs) to analyze incoming network traffic?
(Choose all that apply.)
A. Anomaly-based detection
B. Behavior-based detection
C. Signature-based detection
D. Statistic-based detection
43. Which of the following is another term for a multiport bridge?
A. Router
B. Switch
 C. Hub
D. Gateway
44. Which of the following statements about switches and routers
are true? (Choose all that apply.)
A. Routers operate at the Network layer, whereas switches
operate at the Data link layer.
B. All of the devices connected to a switch are part of a single
broadcast domain, whereas the networks connected to a
router form separate broadcast domains.
C. Routers can communicate with each other and share
information, but switches cannot.
D. Switches forward packets based on their hardware
addresses, whereas routers forward packets based on their
IP addresses.
45. Which of the following types of systems are frequently used to
collect information from intrusion detection systems (IDSs)?
A. SIEM
B. NAS
C. RADIUS
D. VoIP
46. Which of the following explains why splitting a large, switched
Ethernet LAN into two LANs by adding a router can help to
alleviate traffic congestion and improve performance? (Choose
all that apply.)
A. Adding a router reduces the amount of broadcast traffic on
each of the two LANs.
B. Adding a router reduces the amount of unicast traffic on
each of the two LANs.
C. Adding a router diverts traffic to an alternate path through
the network.
D. Adding a router prevents computers on one LAN from
communicating with computers on another LAN.
47. Which of the following statements about traditional bridges and
switches is true?
A. Bridges and switches are Network layer devices that use
logical addressing to forward frames.
B. Bridges and switches are Data link layer devices that use
media access control (MAC) addresses to forward frames.
C. Bridges and switches build their internal tables based on
destination addresses and forward packets based on source
addresses.
D. Bridges and switches must support the Network layer
protocol implemented on the local area network (LAN).
E. Each port on a bridge or switch defines a separate broadcast
domain.
48. Which of the following is a correct term describing the function
of a traditional switch?
A. Layer 2 router
B. Ethernet hub
C. Multiport bridge
D. Layer 3 repeater
49. Which of the following is the primary reason why replacing hubs
with layer 2 switches on an Ethernet local area network (LAN)
improves its performance?
A. Layer 2 switches forward packets faster than hubs.
B. Layer 2 switches do not forward broadcast transmissions.
C. Layer 2 switches reduce the number of collisions on the
network.
D. Layer 2 switches read the IP addresses of packets, not the
hardware addresses.
50. Which of the following statements about routers are true?
(Choose all that apply.)
 A. Routers are Network layer devices that use IP addresses to
forward frames.
B. Routers are Data link layer devices that use media access
control (MAC) addresses to forward frames.
C. Routers build their internal tables based on destination
MAC addresses and forward frames based on source MAC
addresses.
D. Routers must support the Network layer protocol
implemented on the local area network (LAN).
E. Each port on a router defines a separate broadcast domain.
51. Which of the following statements about routers is not true?
A. Routers can connect two or more networks with dissimilar
Data link layer protocols and media.
B. Routers can connect two or more networks with the same
Data link layer protocols and media.
C. Routers store and maintain route information in a local text
file.
D. Servers with multiple network interfaces can be configured
to function as software routers.
E. Routers can learn and populate their routing tables through
static and dynamic routing.
52. The network administrator for a small business is installing a
computer to function as a firewall protecting their internetwork
from Internet intrusion. At which of the following locations
should the administrator install the firewall system?
A. Anywhere on the private internetwork, as long as the
Internet is accessible
B. Between the Internet access router and the Internet service
provider's (ISP's) network
C. At the ISP's network site
D. Between the Internet access router and the rest of the
private internetwork
53. Proxy servers operate at which layer of the OSI reference model?
A. Data link
B. Network
C. Transport
D. Application
54. Which of the following is a feature that is not found in a
traditional firewall product, but which might be found in a next-
generation firewall (NGFW)?
A. Stateful packet inspection
B. Deep packet inspection (DPI)
C. Network address translation (NAT)
D. Virtual private network (VPN) support
55. Which of the following statements about content filtering in
firewalls is true?
A. Content filters examine the source IP addresses of packets
to locate potential threats.
B. Content filters enable switches to direct packets out through
the correct port.
C. Content filters examine the data carried within packets for
potentially objectionable materials.
D. Content filters use frequently updated signatures to locate
packets containing malware.
56. Which of the following is not one of the criteria typically used by
load balancers to direct incoming traffic to one of a group of
servers?
A. Which server has the lightest load
B. Which server has the fastest response time
C. Which server is next in an even rotation
D. Which server has the fastest processor
57. Which of the following devices enables administrators of
enterprise wireless networks to manage multiple access points
(APs) from a central location?
A. Hypervisor
B. Wireless controller
C. Wireless endpoint
D. Demarcation point
58. A load balancer is a type of which of the following devices?
A. Switch
B. Router
C. Gateway
D. Firewall
59. Which of the following devices expands on the capabilities of the
traditional firewall by adding features like deep packet
inspection (DPI) and an intrusion prevention system (IPS)?
A. RADIUS server
B. CSU/DSU
C. NGFW
D. Proxy server
60. Which of the following statements about Internet access through
a proxy server accounts for the security against outside intrusion
that a proxy provides?
A. The proxy server uses a public IP address, and the client
computers use private addresses.
B. The proxy server uses a private IP address, and the client
computers use public addresses.
C. Both the proxy server and the client computers use private
IP addresses.
D. Both the proxy server and the client computers use public
IP addresses.
61. Which of the following devices can an administrator use to
monitor a network for abnormal or malicious traffic?
A. IDS
B. UPS
C. RADIUS
D. DoS
E. RAS
62. Which of the following features enables an intrusion detection
system (IDS) to monitor all of the traffic on a switched network?
A. Stateful packet inspection
B. Port mirroring
C. Trunking
D. Service-dependent filtering
63. Which of the following storage area network (SAN) protocols are
capable of sharing a network medium with standard local area
network (LAN) traffic? (Choose all that apply.)
A. iSCSI
B. Fibre Channel
C. FCoE
D. InfiniBand
64. Which of the following protocols is not used for storage area
networks (SANs)?
A. iSCSI
B. FCoE
C. VoIP
D. Fibre Channel
65. Which of the following storage area network (SAN) technologies
do iSCSI initiators use to locate iSCSI targets on the network?
A. Active Directory
 B. ICMP
C. DNS
D. iWINS
E. iSNS
66. What is the highest possible data transfer rate on a storage area
network (SAN) using Fibre Channel?
A. 8 Gbps
B. 16 Gbps
C. 32 Gbps
D. 128 Gbps
67. In its primary functionality, a network-attached storage (NAS)
device is most closely associated with which of the following
devices?
A. Failover cluster
B. File server
C. JBOD
D. RAID
68. Which of the following statements about the differences between
network-attached storage (NAS) and storage area networks
(SANs) are true? (Choose all that apply.)
A. NAS provides file-level storage access, whereas SAN
provides block-level storage access.
B. NAS devices typically contain integrated iSCSI targets.
C. SAN devices have an operating system, whereas NAS
devices do not.
D. NAS devices typically provide a filesystem, whereas SAN
devices do not.
69. Which of the following statements specify advantages of FCoE
over the original Fibre Channel standard? (Choose all that
apply.)
 A. FCoE is less expensive to implement than Fibre Channel.
B. FCoE can share a network with standard IP traffic, whereas
Fibre Channel cannot.
C. FCoE is routable over IP networks, whereas Fibre Channel
is not.
D. FCoE uses standard Ethernet networking hardware.
70. Which of the following are Application layer protocols that
network-attached storage (NAS) devices can use to serve shared
files to clients on the network? (Choose all that apply.)
A. CIFS
B. NFS
C. RDMA
D. HTTP
71. Which of the following is not one of the advantages of iSCSI over
Fibre Channel?
A. iSCSI is routable, whereas Fibre Channel is not.
B. iSCSI is less expensive to implement than Fibre Channel.
C. iSCSI includes its own internal flow control mechanism,
whereas Fibre Channel does not.
D. iSCSI can share the same network as standard local area
network traffic, whereas Fibre Channel cannot.
72. Which of the following is the term for the client that accesses an
iSCSI device on a storage area network?
A. Initiator
B. Target
C. Controller
D. Adapter
73. Which of the following protocols are included in an iSCSI packet
on a storage area network (SAN)? (Choose all that apply.)
A. Ethernet
 B. IP
C. TCP
D. UDP
E. None of the above
74. Which of the following protocols are included in a Fibre Channel
packet?
A. Ethernet
B. IP
C. TCP
D. UDP
E. None of the above
75. Which of the following protocol standards defines a layered
implementation that does not correspond to the layers of the
Open Systems Interconnection (OSI) model?
A. iSCSI
B. Fibre Channel
C. PPP
D. RDMA
76. Which of the following protocols are included in an FCoE
packet?
A. Ethernet
B. IP
C. TCP
D. UDP
E. None of the above
77. Ralph, the administrator of a 500-node private internetwork, is
devising a plan to connect the network to the Internet. The
primary objective of the project is to provide all of the network
users with access to web and email services while keeping the
 client computers safe from unauthorized users on the Internet.
The secondary objectives of the project are to avoid having to
manually configure IP addresses on each one of the client
computers individually and to provide a means of monitoring
and regulating the users' access to the Internet. Ralph submits a
proposal calling for the use of private IP addresses on the client
computers and a series of proxy servers with public, registered
IP addresses, connected to the Internet using multiple T-1 lines.
Which of the following statements about Ralph's proposed
Internet access solution is true?
A. The proposal fails to satisfy both the primary and secondary
objectives.
B. The proposal satisfies the primary objective but neither of
the secondary objectives.
C. The proposal satisfies the primary objective and one of the
secondary objectives.
D. The proposal satisfies the primary objective and both of the
secondary objectives.
78. Which of the following is not a mechanism for distributing
incoming network traffic among multiple servers?
A. Load balancer
B. Round-robin DNS
C. NLB cluster
D. VPN headend
79. Which of the following is not a function that is typically provided
by a unified threat management (UTM) appliance?
A. Virtual private networking
B. Network firewall
C. Network-attached storage
D. Antivirus/antimalware protection
80. A multilayer switch can operate at which layers of the Open
Systems Interconnection (OSI) model? (Choose all that apply.)
 A. Physical
B. Data link
C. Network
D. Transport
E. Session
F. Presentation
G. Application
81. Control plane policing (CPP or CoPP) is a feature on some
routers and switches that limits the rate of traffic on the device's
processor to prevent denial-of-service (DoS) and reconnaissance
attacks, using which of the following technologies?
A. IPsec
B. 802.1X
C. RA guard
D. QoS
E. VLAN hopping
82. Which of the following is a device that switches calls between
endpoints on the local IP network and provides access to
external Internet lines?
A. VoIP PBX
B. VoIP gateway
C. VoIP endpoint
D. Multilayer switch
83. Which of the following is the true definition of the term modem?
A. A device that connects a computer to the public switched
telephone network (PSTN)
B. A device that connects a local area network (LAN) to the
Internet
 C. A device that converts analog signals to digital signals and
back again
D. A device that connects a local area network (LAN) to a wide
area network (WAN)
84. Which of the following terms are used to describe the device
used to place calls on a Voice over Internet Protocol (VoIP)
installation? (Choose all that apply.)
A. Terminal
B. Gateway
C. Endpoint
D. PBX
85. Which of the following devices enables you to use a standard
analog telephone to place calls using the Internet instead of the
public switched telephone network (PSTN)?
A. Proxy server
B. VPN headend
C. VoIP gateway
D. UTM appliance
86. Which of the following prevents packets on a TCP/IP
internetwork from being transmitted endlessly from router to
router?
A. Open Shortest Path First (OSPF)
B. Maximum transmission unit (MTU)
C. Administrative distance
D. Time to live (TTL)
87. Which of the following is the abbreviation for a network of
Internet datacenters supplying end users with localized access to
their data?
A. CDN
B. QoS
C. NAS
D. SAN