Network Operations Part 2

Which four of the following objectives best describe the kinds of protection that data loss prevention systems seek to provide or deliver? (Choose 4)

A) Establishing identity or role-based access controls

B) Encrypting of data at rest

C) Encrypting of data in motion

D) Blocking unauthorized data transit

E) Preserving competitive advantage

F) Promoting data breaches

A) Establishing identity or role-based access controls

B) Encrypting of data at rest

C) Encrypting of data in motion

D) Blocking unauthorized data transit

Data loss prevention (DLP), often called data leak protection, focuses on ways to prevent sensitive, proprietary, private, or confidential information from unauthorized disclosure. DLP concentrates on identity management and authentication to establish who is trying to access what, or uses role-based access controls (RBAC) to limit access to data. DLP also depends on keeping sensitive information inaccessible to all but authorized parties, which means encrypting data both in motion (being transmitted) or at rest (in storage anywhere). Finally, DLP's mission is to block any kind of unauthorized data transit, including in email, on a USB drive, and as a file copy.

You have been given a drawing that shows the flow of communication in your network, with symbols to indicate each piece of equipment’s function. Which configuration management documentation have you been given?

A) physical network diagram

B) network baseline

C) wiring schematic

D) logical network diagram

C) wiring schematic

You have been given a wiring schematic. Schematics include the flow of network communication and symbols to indicate equipment function. They use horizontal and vertical lines to show how the system flow functions, not the physical layout of the devices in the network.

A wiring diagram emphasizes network connections and uses horizontal and vertical lines to represent network wires. Components are represented by pictures instead of symbols.

You are hired to manage the network at a large data center. On your first day, a user reports that they have lost network connectivity. At the user's workstation, you successfully ping 127.0.0.1 and then swap out the patch cable that runs from the computer to a blank wall plate. In the network closet, you notice that all four patch panels were mounted to the rack after the punchdowns were completed, but nothing indicates port assignments or which areas the patch panels serve. You end up resolving the issue, but it takes longer than necessary. You want to speed up the resolution of future connectivity issues. What should you prepare FIRST?

A) Labeling

B) IDF/MDF documentation

C) Logical diagrams

D) Inventory management

E) Physical diagrams

A) Labeling

Labeling is an important component of the network build and its documentation. Patch panel ports should be labeled and wall jacks should be labeled with the corresponding port number on the patch panel. Likewise, the patch cable should have the same labeling. Switches, routers, hubs, and wireless access points should be labeled, as well as each piece of equipment in a server rack.

When comparing logical vs physical diagrams, each provides a different visualization of the network topology. The physical network diagram includes cable lengths and types, server names, IP addresses, server roles, network equipment locations, and number of network users. An example of a physical network diagram is shown in the following exhibit:

Which of the following items is likely NOT to be covered in the on-boarding procedures for new hires as they report to work for the first time at some organization?

A) Password policy

B) Safety procedures and policies

C) AUP

D) Asset disposal

E) NDA

D) Asset disposal

Because asset disposal policies and procedures deal with how an employee should dispose of an organizational asset and so few employees actually get involved with this activity, it is unlikely to be discussed during the initial phases of the on-boarding process.

For the Network+ exam, you will need to understand best practices for asset disposal. The first practice that should be utilized are factory wipes or configuration wipes. These methods are designed to reset a device to how it was when it initially released or back to a previously known safe configuration. Organizations may do this if they are attempting to restore a device back to a state where it was functional or if an organization is decommissioning a device and need to wipe all sensitive information from it to prevent a potential leak. This is a process is also known as asset sanitization. Organizations should always be sure to sanitize any data or decommissioned device to minimize risks of exposure.

Your company has decided to implement an acceptable use policy (AUP) that must be distributed to all users. You have been asked to write the preliminary policy to submit for management approval. What is defined in this policy?

A) which method administrators should use to back up network data

B) the sensitivity of company data

C) which users require access to certain company data

D) how users are allowed to employ company hardware

D) how users are allowed to employ company hardware

An acceptable use policy (AUP) defines how users are allowed to employ company hardware. For example, an acceptable use policy, which is sometimes referred to as a use policy, might answer the following questions: Are employees allowed to store personal files on company computers? Are employees allowed to play network games on breaks? Are employees allowed to "surf the Web" after hours?

Your company is building a new facility, and you are tasked with designing the new network at that site. You will need multiple servers, switches, patch panels, UPS equipment, and other equipment. You need to plan and document the placement of the equipment in the site's network data center. Which tool should you use?

A) Network diagram

B) Logical diagram

C) Rack diagrams

D) Standard operating procedures/work instructions

C) Rack diagrams

Rack diagrams depict the placement of network equipment, such as routers, switches, hubs, patch panels, servers, and more, in a standard 19”-wide cabinet called a rack. Rack diagrams are particularly useful when planning server rooms and networking closets, as the diagrams allow the engineer to determine the proper placement of equipment prior to the physical buildout. They also serve as a tool to help locate equipment for maintenance or repair.

You have been handed a document that details the steps to take to update the network drivers. Which type of change management document do you have?

A) policies

B) baselines

C) regulations

D) procedures

D) procedures

Procedures set forth the steps that must be taken to enforce the network owner's policies, including updating the network drivers. Procedures tell how to achieve the desired results. Baselines are primarily used to identify performance issues. They are actually performance statistics gathered for comparative purposes. By establishing a performance baseline, you can ensure that performance issues are identified much easier in the future.

You are designing a network for a new facility. The client wishes to provide main connections to several floors from where the ISP service enters the building. On each floor, switches will handle the distribution to end devices. What would be the most helpful for maintaining and documenting those main connections?

A) Change management documentation

B) IDF/MDF documentation

C) wiring and port locations

D) Labeling

B) IDF/MDF documentation

Intermediate Distribution Frame/Main Distribution Frame (IDF/MDF) documentation first describes and details the primary ISP feed into the building, which is handled by the MDF. The documentation also shows how the MDF splits out and feeds the various IDFs throughout the facility. Most often, an IDF will provide network service to a floor or department.

Which of the following computing technologies is most likely to fall under the U.S. government's export administration regulations designed to protect the sale or transfer of commodities, technology, information, or software considered of strategic importance to the U.S.?

A) Encryption tools

B) File compression techniques

C) Web page design tools

D) Deduplication software

A) Encryption tools

Encryption tools are most likely to fall under the U.S. government’s export administration regulations. Since the days of the Cold War, the US and western powers established a variety of export control regulations to keep cryptography out of the hands of the Soviet bloc countries. To this day, the US Commerce department maintains restrictions on cryptographic methods for applying security to data communications or storage, proofs of identity, or public/private key management and exchange.

Management has requested that you document the minimum level of security for all network devices. Which of the following will this provide?

A) guidelines

B) baselines

C) standards

D) procedures

B) baselines

A baseline defines the minimum level of security and performance of a system in an organization. A baseline is also used as a benchmark for future changes. Any change made to the system should match the defined minimum security baseline. A security baseline is defined through the adoption of standards in an organization.

Guidelines are the actions that are suggested when standards are not applicable in a particular situation. Guidelines are applied where a particular standard cannot be enforced for security compliance. Guidelines can be defined for physical security, personnel, or technology in the form of security best practices.

Standards are the mandated rules that govern the acceptable level of security for hardware and software. Standards also include the regulated behavior of employees. Standards are enforceable and are the activities and actions that must be followed. Standards can be defined internally in an organization or externally as regulations.

You have reconfigured your network to change the cable type used on one of your subnets from Cat5 to Cat6. Which change configuration management documentation should you revise? (Choose 2)

A) wiring schematic

B) physical network diagram

C) network baseline

D) logical network diagram

B) physical network diagram

C) network baseline

You should revise both the physical network diagram and the network baseline when the cable type of a subnet is changed. The physical network diagram includes cable lengths and types, server names, IP addresses, server roles, network equipment locations, and number of network users. Network diagrams are also referred to as network maps.

A network baseline includes the performance statistics for your network. By establishing a network performance baseline, you can ensure that performance issues can be identified much more easily in the future. If you wanted to track the improvement of the network infrastructure after you have upgraded several components, you would need a baseline to perform an accurate comparison. Without a baseline, you cannot determine if performance improvements have occurred.

You have recently been hired as a network administrator. Soon after starting at the new company, you realize that not all appropriate network documentations has been created. Specifically, you need to set for the network rules, including the who, what, and when of the rules. Which configuration management documentation should you create?

A) policies

B) baselines

C) procedures

D) regulations

A) policies

Policies set forth the network rules, including the who, what, and when of the rules. Policies tell what the rules are, who is covered by the rule, and when the rule applies.

You have changed the IP address scheme for two of your company's networks. In addition, the names of two servers have changed. Which change management documentation should you revise?

A) logical network diagram

B) wiring schematic

C) physical network diagram

D) network baseline

C) physical network diagram

You should only revise the physical network diagram. The physical network diagram includes cable lengths and types, server names, IP addresses, server roles, network equipment locations, and number of network users. An example of a physical network diagram is shown in the following exhibit:

Which two guidelines are the best to implement for passwords according to CompTIA guidelines? (Choose 2)

A) Ensure that passwords are only constructed of only alphanumeric characters.

B) Create passwords that contain at least one symbol.

C) Ensure that passwords are at least 15 characters in length.

D) Configure passwords to change periodically.

E) Ensure that passwords change rarely or never change.

B) Create passwords that contain at least one symbol.

D) Configure passwords to change periodically.

Of the choices presented, you should configure passwords to change periodically and create passwords that contain at least one symbol in order to create the strongest passwords. Depending on the security level required, passwords might change once every three months, once per month or once per week. In some very high security situations, such as military and intelligence agencies, passwords are commonly configured to change as often as twice per day. Configuring passwords to change periodically can significantly increase the strength of password security on a network. Passwords should also include alphanumeric characters and at least one symbol, such as the dollar sign ($) character. Whenever creating a password, it is always important to have complexity requirements established. These policies are designed to reduce the threat of password attacks by adding in random characters and numbers that make the password nearly impossible to ever guess.

After a data breach occurs at a client's site, you determine that some of the switches, routers, and servers in the network were updated with the most current security patches, and some have never been updated. When you examine the network diagram, you notice that many of the same types of devices do not look the same in the diagram. What type of documentation should you provide to the client to ensure all devices are consistently identified by their type?

A) Diagram symbols

B) Inventory management

C) Change management documentation

D) Network configuration and performance baselines

A) Diagram symbols

Diagram symbols should be standardized throughout the network documentation. For example, routers should all be depicted in the documentation with the same shape. The same would be true for other devices, such as switches, bridges, and patch panels: each type of equipment should use a symbol, icon, or shape that is unique to that type of equipment. The most commonly used symbols were developed by Cisco, but Amazon Web Services uses its own set of symbols, and different software packages may have their own symbols.

Management has decided to renovate a portion of the office. You have been asked to relocate several computers and other network devices in the renovation area to another part of the building. After relocating the computers and devices, you document the new location. What is the term used to describe the actions you took?

A) baseline

B) NAC

C) SLA

D) asset management

D) asset management

Asset management involves documenting information regarding the company assets, including location, user, IP address, and other information. Asset management is part of the network documentation that must be maintained.

You are the network administrator for a healthcare organization. Recently several federal and state government laws have been enacted which will affect network operations. Which change management documentation should record this information?

A) regulations

B) policies

C) baselines

D) procedures

A) regulations

Regulations are governmental guidelines that are written by federal or state agencies based on the laws passed by federal or state government. Regulations are established by entities outside the network owner.

Which of the following statements is UNLIKELY to appear in an organization's safety policies and procedures for its networking equipment?

A) Keep all work areas clean, uncluttered, and organized.

B) Exercise caution when working around electrical equipment.

C) Always use insulated tools.

D) Arrange for assistance or lifts when moving heavy equipment.

E) Look for simpler, more approachable alternatives to technician's manuals online.

F) Wear appropriate safety equipment.

E) Look for simpler, more approachable alternatives to technician's manuals online.

The essence of stating and practicing proper safety procedures and policies is doing things by the book. Because looking for simpler, more approachable alternatives to technician’s manuals online encourages readers to skip the book quite literally, it is completely at odds with this approach.

Which four of the following elements are most likely to appear in a well-designed password policy that explains requirements for formulating secure passwords? (Choose 4)

A) one or more special characters

B) one or more numbers

C) 12 characters or longer

D) spouse's birthday

E) pet's name

F) mix of upper and lower case characters

A) one or more special characters

B) one or more numbers

C) 12 characters or longer

F) mix of upper and lower case characters

The strongest passwords are long, and include a mix of upper and lower case alphabetic characters, along with one or more numbers and special characters (such as !@#$% and so forth). For this scenario, the following options are correct:

12 characters or longer

mix of upper and lower case characters

one or more numbers

one or more special characters

Which component of a computer use policy should state that the data stored on a company computer is not guaranteed to remain confidential?

A) computer ownership

B) acceptable use

C) information ownership

D) no expectation of privacy

D) no expectation of privacy

A no expectation of privacy policy is the component of a computer use policy that should indicate that data stored on a company computer is not guaranteed to remain confidential. A no expectation of privacy policy should also state that data transferred to and from a company network is not guaranteed to remain confidential. Policies must be communicated to personnel as part of end-user awareness. End-user awareness is the responsibility of management and should include training, policies, and procedures to ensure that organizational security is understood by all personnel.

You are working with your support specialists on expanding your company's existing network. You need to determine the actual network interfaces used on all network devices. Which configuration management documentation should you consult?

A) wiring schematics

B) physical network diagram

C) network baseline

D) logical network diagram

B) physical network diagram

You should consult a physical network diagram. A physical network diagram includes the actual network interfaces used. A physical network diagram represents the physical locations of the network devices and how they are connected.

You are the network administrator for a manufacturing company. Technicians that work on computers used on the manufacturing floor may come into contact with dangerous chemicals. You need to understand which chemicals they will come into contact with and their associated safety issues. What should you consult?

A) MSDS

B) ACL

C) HVAC

D) ESD

A) MSDS

You should consult the material safety data sheet (MSDS) to understand which chemicals technicians will come into contact with and any safety issues regarding those chemicals. If personnel come into contact with any chemicals, including thermal compound, you should consult the MSDS.