CertiGuide to Network+  9  Appendix A: Answers to Success Questions and Real World Exam Questions

Chapter 0111: Wide Area Networking Answers 1 Chapter 1001: Networking in the Real World Answers

1. Public key encryption consists of:

A. Two keys, one of which is published for anyone's use

B. Two keys, neither of which should be published

C. One key which is shared between sender and receiver

D. One key which is transmitted via a separate method from the data.

Explanation: Public key is based on the concept that anyone can encrypt the original method using a publicly available key that the owner created, but the decryption key is held only by the owner.

& Domain 2.13: Identify the following security protocols and define their purpose and function: IPSec, L2TP, SSL, Kerberos.

2. You have just been hired at a new company, and your first assignment is to take on an old project. The firm has received one class C IP range from InterNIC. There are about 259 employees. All must be able to connect to the Internet. There are occasions when all employees may be needed to access the Internet at same time. Select the options that will accomplish this goal.

A. Setup a proxy server

B. Setup a firewall with NAT

C. Obtain a 2nd Class C range

D. Enable Internet Connection Sharing

Explanation: A proxy server uses an external IP, on behalf of the user, to request data from a remote server. Thus, several users can access the Internet using only one or a few external IPs. NAT (Network Address Translation) also allows many users to access internet resources with a single registered IP. A 2nd Class C IP range would allow for an additional 254 IPs, more than enough for the 259 employees.

& Domain 2.7: Identify the purpose of the following network services (e.g. DHCP/bootp, DNS, NAT/ICS, WINS and SNMP)

& Domain 3.8: Identify the purpose, benefits and characteristics of using a firewall. 3.9 Identify the purpose, benefits and characteristics of using a proxy.

3. What level of RAID is defined by using 3 or more disk drives where the data is stripped across all drives in the array?

A. 0

B. 1

C. 3

D. 4

E. 5

Explanation: This is a description of RAID 5.

& Domain 3.5: Identify the purpose and characteristics of fault tolerance.

4. What are two main benefits of a proxy server?

A. Security

B. Performance

C. Ease of assigning IP addresses

D. Cost

E. Can use a single registered IP address for multiple connections to the Internet

Explanation: A proxy server can translate internal, private IP addresses into a single registered IP address for transport out on the Internet. This feature also increases security since your internal IP address are hidden from the outside world. Many proxy servers also offer caching features to improve performance, but the cache technology is a separate service from the proxy itself.

& Domain 3.9: Identify the purpose, benefits and characteristics of using a proxy.

5. Which device, when installed on an IPX-based network provides a high degree of network security?

A. Firewall

B. Application server

C. Web and E-mail Server

D. Proxy Server

Explanation: Since the Internet is based only on TCP/IP, an IPX based network is not vulnerable to outside attacks as a TCP/IP based network is. Therefore, by using a Proxy Server to provide Internet access to the LAN, the internal network is virtually completely safe from outside attacks.

& Domain 3.9: Identify the purpose, benefits and characteristics of using a proxy.

6. A recommended use of a Proxy server is:

A. An Application server

B. File and print server

C. A relay server between networks

D. A translation server between an IPX and an IP network

E. use as a workstation

& Domain 3.9: Identify the purpose, benefits and characteristics of using a proxy.

7. What are potential causes of backup failures?

A. Bad tapes

B. Dirty drives

C. Insufficient tape capacity

D. Incorrect tape format

E. Software configured for append instead of overwrite

Explanation: All of these items can cause a scheduled backup to fail. Bad tapes can be caused by over-use. Tapes should be replaced every 6 months to a year depending on usage. Drives also need to be cleaned on a regular basis. If the tape becomes full during a backup, you may need more than 1 tape to complete the backup. If you elect to append data to the tape, you will eventually fill the media and the scheduled backup will "fail".

& Domain 3.6: Identify the purpose and characteristics of disaster recovery.

8. Good tape management practices include:

A. Retention tapes on a regular basis

B. Regularly rotating new tapes into the set

C. Store tapes near server for easy access

D. Keeping tapes clearly labeled

E. Replace the original cases with foil wrapping to prevent moisture from seeping in.

Explanation: Storing tapes near the server may be handy, but if a disaster happens and your server is destroyed, so will the tapes you'll need to restore the server. The original plastic cases that come with your tapes should be adequate protection as long as you store your tapes in cool, clean areas.

& Domain 3.6: Identify the purpose and characteristics of disaster recovery.

9. Choose the properties of a digital signature:

A. Uses a certificate authority

B. Employs symmetrical keys

C. Once issued, it cannot be revoked

D. Employs public-private keys (asymmetrical) keys

E. Insures that the sending message was not forged

Explanation: Certificate Authorities (CA) are trusted third parties holding a users public key. Public-private keys are asymmetrical in nature. Contrast this to symmetrical keys, which use the same key for encryption and decryption. For whatever changing circumstance, a certificate may be revoked. Since it is almost mathematically impossible at this time to forge a public key, digitally signed messages are considered valid.

& Domain 3.10: Given a scenario, predict the impact of a particular security implementation on Network functionality) e.g. blocking port numbers, encryption, etc.).

10. You want to connect to your network to the Internet but are concerned users will download viruses. What can you do to protect your network?

A. Disconnect the patch cables during peak Internet usage times

B. Install a network virus protection program

C. Install a firewall

D. Install a proxy machine

E. Install a virus protection program on each client box

Explanation: A network virus protection program will enable virus protection network-wide, allowing you to avoid installing antivirus programs on each machine and risking user misuse.

A firewall is used to keep intruders from entering you LAN. An example firewall is a Microsoft Proxy server. Disconnecting the patch cables during peak times would have no effect on the inoculation of viruses.

& Domain 3.6: Identify the purpose and characteristics of disaster recovery.

11. Which of the following are implemented with digital signatures? (Choose two)

A. API Encryption

B. Certificate authority

C. Asymmetric algorithm

D. Complete data encryption

E. Reverse lookup encryption

Explanation: In order to use a digital signature you must have a certificate authority to give you a certificate, and an asymmetric algorithm to code and decode the signature with. An example of a signature authority is VeriSign.com.

& Domain 3.10: Given a scenario, predict the impact of a particular security implementation on Network functionality) e.g. blocking port numbers, encryption, etc.).

12. Backing up data by using two disks and two controllers is known as _______.

A. Disk Mirroring

B. RAID 1

C. RAID 5

D. Disk Duplexing

E. Disk stripping with parity

Explanation: RAID 1 comes in two flavors: Disk Duplexing and Disk Mirroring. Duplexing involves using two controllers and two disks, while mirroring involves just one controller. RAID 5 is Disk Striping with Parity.

& Domain 3.5: Identify the purpose and characteristics of fault tolerance.

& Domain 3.6: Identify the purpose and characteristics of disaster recovery.

13. Select the type of fault tolerance used with two controllers and two hard drives.

A. RAID 5

B. Disk Striping with Parity

C. Disk Striping without Parity

D. Disk Mirroring

E. Disk Duplexing

Explanation: RAID 1 has two flavors: Disk Mirroring and Disk Duplexing. Disk Duplexing provides the most redundancy of the two and requires two controllers, one for each disk. Raid 5 actually is Disk Striping with Parity. Disk Striping without Parity is known as RAID 0, and is aptly named - it provides 0 fault tolerance.

& Domain 3.5: Identify the purpose and characteristics of fault tolerance.

14. Your workstation has three hard disks with the capacities of 300MB, 600MB, and 750MB. What storage technology allows for the largest contiguous space for storage?

A. Volume set

B. Mirrored set

C. Duplexed set

D. Stripe set with parity

E. Partition set

Explanation: A volume set is called a "virtual drive'. It can contain as many disks as you wish and provides absolutely NO fault tolerance.

& Domain 3.5: Identify the purpose and characteristics of fault tolerance.

15. The ______ and _______ backup methods clear the archive attribute of the files being backed up.

A. Tape delivery

B. Incremental

C. Differential

D. Supplemental

E. Full

& Domain 3.6: Identify the purpose and characteristics of disaster recovery.

16. Which of the following passwords is the MOST secure?

A. Password

B. Administrator

C. JBRTis45?

D. 12345678

E. c4#Qb8*

Explanation: While answer "JBRTis45?" has no known pattern or spellings like"12345678", "Password", or "Administrator", it isn't as secure as "c4#Qb8*". One of the best ways to keep an account secure is to use symbols in the password. Not spelling out words is worthwhile because there are dictionaries designed for the sole purpose of breaking codes. Also, use upper and lower case letters. If you must spell a word, substitute like-looking symbols or numbers for their respective letters. Other methods of ensuring security are to change the names of oft-used usernames, like administrator, and frequently changing the passwords.

& Domain 4.11: Given a network to allow sharing scenario involving a client connectivity problem (e.g., incorrect protocol/client software/authentication configuration, or insufficient rights/permission), identify the cause the problem.

Chapter 0111: Wide Area Networking Answers 1 Chapter 1001: Networking in the Real World Answers