CIS 3230 Quiz 3, MSU Denver

CIS 3230 MSU Denver

An example of an application layer address is www.indiana.edu.

True

TCP/IP is a data link protocol that is used on the Internet.

False

The standard port number for Telnet is 53.

False

Domain Name Servers provide the resolution of application layer addresses to their corresponding network layer address.

True

An Address Resolution Protocol message is broadcast to all computers in a subnet to find the data link layer address of a host whose IP address is known but whose MAC address is unknown.

True

Which of the following TCP ports is used by the Windows OS for file sharing?

445

Which of the following ports is commonly used by VoIP phones? (Hint: ____ Unsecured and UDP Port 5061 Secured)

5060

A network technician needs to ensure outside users are unable to telnet into any of the servers at the datacenter. Which of the following ports should be blocked when checking firewall configuration?

23

A network administrator is configuring a database server and would like to ensure the database engine is listening on a certain port. Which of the following commands should the administrator use to accomplish this goal?

netstat -a

Which of ports are associated with IMAP? (Hint: First is the default port used for unencrypted IMAP connections. The other is the default port used for encrypted IMAP connections using SSL or TLS

143, and 993

A network administrator is troubleshooting the communication between two Layer 2 switches that are reporting a very high runt count. After trying multiple ports on both switches, the issue persists. Which of the following should the network administrator perform to resolve the issue?

Increase the MTU size on both switches

A technician is setting up a new router, configuring ports, and allowing access to the Internet. However, none of the users connected to this new router are able to connect to the Internet. Which of the following does the technician need to configure?

Network Address Translation (NAT)

A network administrator is adding a new switch to the network. Which of the following network hardening techniques would be BEST to use once the switch is in production?

 Disable unneeded ports

An IT administrator received an assignment with the following objectives: ✑ Conduct a total scan within the company's network for all connected hosts. ✑ Detect all the types of operating systems running on all devices. ✑ Discover all services offered by hosts on the network. ✑ Find open ports and detect security risks. Which of the following command-line tools can be used to achieve these objectives?

nmap

A network administrator would like to purchase a device that provides access ports to endpoints and has the ability to route between networks. Which of the following would be BEST for the administrator to purchase?

A Layer 3 switch

Which of the following types of connections would need to be set up to provide access from the internal network to an external network so multiple satellite offices can communicate securely using various ports and protocols?

 Client-to-site VPN

Which of the following ports should be used to securely receive mail that is synchronized across multiple devices? (Hint: ___ is IMAP4S)

993

During a recent security audit, a contracted penetration tester discovered the organization uses a number of insecure protocols. Which of the following ports should be disallowed so only encrypted protocols are allowed?

69 and 23

A company is designing a SAN and would like to use STP as its medium for communication. Which of the following protocols would BEST suit the company's needs?

(Hint: a SAN protocol used to send block storage from storage arrays or devices to client computers that aren’t directly connected to those devices.)

iSCSI (Internet Small Computer System Interface)

A network administrator is configuring Neighbor Discovery Protocol in an IPv6 network to ensure an attacker cannot spoof link-layer addresses of network devices. Which of the following should the administrator implement?

(Hint: security feature that protects against rogue router advertisements.)

Router Advertisement Guard

Client devices cannot enter a network, and the network administrator determines the DHCP scope is exhausted. The administrator wants to avoid creating a new DHCP pool. Which of the following can the administrator perform to resolve the issue?

Reduce the lease time

Which of the following would need to be configured to ensure a device with a specific MAC address is always assigned the same IP address from DHCP?

Reservation

A newly installed VoIP phone is not getting the DHCP IP address it needs to connect to the phone system. Which of the following tasks need to be completed to allow the phone to operate correctly? (Hint: he most likely solution as the phone is not getting the DHCP IP address it needs, which typically indicates an issue with the VLAN configuration on the switch.)

 Assign the phone's switchport to the correct VLAN

Which of the following describes the BEST device to configure as a DHCP relay?

Router

A technician knows the MAC address of a device and is attempting to find the device's IP address. Which of the following should the technician look at to find the IP address?

DHCP Leases, and ARP Table

A technician is troubleshooting a report about network connectivity issues on a workstation. Upon investigation, the technician notes the workstation is showing an APIPA address on the network interface. The technician verifies that the VLAN assignment is correct and that the network interface has connectivity. Which of the following is MOST likely the issue the workstation is experiencing?

 DHCP exhaustion

Which of the following would be used to forward requests and replies between a DHCP server and client?

Relay

A network technician is troubleshooting a new web server connectivity issue. The network technician discovers the following on the support ticket: • The server’s IP address can be pinged from the client PCs. • Access to the web resource works correctly when on the server's console. • No clients can access the server’s data via URL. • The server does not have a firewall configured. • No ACLs are preventing connectivity from the client's network. • All services on the server are operating normally, which was confirmed by the server team. Which of the following actions will resolve the issue?

Configure A records for the web server.

A technician is assisting a user who cannot connect to a website. The technician attempts to ping the default gateway and DNS server of the workstation. According to troubleshooting methodology, this is an example of:

 

a divide-and-conquer approach.

An attacker targeting a large company was able to inject malicious A records into internal name resolution servers. Which of the following attack types was MOST likely used?

TXT

Network traffic is being compromised by DNS poisoning every time a company's router is connected to the internet. The network team detects a non-authorized DNS server being assigned to the network clients and remediates the incident by setting a trusted DNS server, but the issue occurs again after internet exposure. Which of the following best practices should be implemented on the router?

 

Change the device's default password.

A security vendor needs to add a note to the DNS to validate the ownership of a company domain before services begin. Which of the following records did the security company MOST likely ask the company to configure?

TXT

Which of the following records can be used to track the number of changes on a DNS zone?

SOA (Start of Authority)

A technician is setting up DNS records on local servers for the company's cloud DNS to enable access by hostname. Which of the following records should be used?

A

A network administrator is reviewing the network device logs on a syslog server. The messages are normal, but the time stamps on the messages are incorrect. Which of the following actions should the administrator take to ensure the log message time stamps are correct?

Change the NTP settings on the network device.

Which of the following must be functioning properly in order for a network administrator to create an accurate timeline during a troubleshooting process?

NTP (Network Time Protocol)