Chapter 10
Network Naming
1. How does NetBIOS identify a computer system on the network?
A. By using the Web address
B. By using a NetBIOS name
C. By using the IP address
D. By using a port number
2. Within the DNS hierarchy, which term refers to the DNS servers just below the DNS root?
A. Domain controllers
B. Top-level domain servers
C. Second-level domain server
D. WINS server
3. Which statement is true about DNS roots?
A. They handle all the name resolution tasks of the Internet.
B. They are directly below the top-level domain server.
C. They have the complete definitive name resolution table.
D. They do not know any IP addresses.
4. What term best describes the way the DNS name space is organized?
A. Hierarchical
B. Tree-like
C. Flat
D. Domain
5. Including the separating periods, what is the maximum number of characters allowed by the DNS naming convention?
A. 128
B. 80
C. 15
D. 255
6. Which term is an original top-level domain name?
A. .prt
B. .mil
C. .html
D. .biz
7. Which organization has the authority to create new top-level domain names?
A. ICANN
B. IANA
C. IEEE
D. IETF
8. What UDP port do DNS servers primarily use?
A. 53
B. 80
C. 90
D. 110
9. Which of the following is true of the names in a flat name space?
A. Names must be the same length.
B. Names must include the domain name.
C. Names must have a common part.
D. Names must be unique.
10. How many powerful DNS server clusters, scattered all over the world, does the DNS root contain?
A. 1
B. 3
C. 13
D. 23
11. Which characters are not permitted in a DNS domain or host name?
A. Spaces
B. Upper and lower case letters
C. Numbers
D. Hyphens
12. In the DNS naming convention, what character(s) separate(s) a domain name from its subdomains?
A. Forward slash (/)
B. Backward slash ()
C. Forward double slash (//)
D. Period (.)
13. In the DNS naming convention, what is the correct sequence for writing a fully qualified domain name (FQDN)?
A. Root.domain.host
B. Host.domain.root
C. Domain.host.root
D. Domain.root.host
14. Which item is part of a fully qualified domain name (FQDN)?
A. The host name
B. The MAC address
C. The IP address
D. The segment ID
15. In comparing the DNS name space to a computer’s file system, a domain is like __________.
A. a single computer
B. the hard drive
C. the root directory
D. a folder
16. How is the address 127.0.0.1 listed in the hosts file?
A. loopback
B. root
C. localhost
D. gateway
17. What entry is made at the command prompt in UNIX/Linux to display DNS server information?
A. ipconfig /all
B. ipconfig /displaydns
C. ping /dns
D. cat /etc/resolv.conf
18. What company handles security for a lot of the e-commerce on the Internet and also maintains two root name server clusters?
A. Microsoft
B. VeriSign
C. ICANN
D. Ubuntu
19. What information is kept in the cached lookups folder for a DNS server?
A. The favorite list of IP addresses
B. The IP addresses and FQDNs for the computers in a domain
C. The IP addresses already resolved
D. A list of pointer records that can determine an FQDN from an IP address
20. On an authoritative DNS server, which storage areas hold the IP addresses and FQDNs for the computers in a domain?
A. Forward lookup zones
B. Cached lookups
C. DNS cache
D. SOA record
21. Which DNS server is used to talk to other DNS servers to resolve IP addresses for DNS clients?
A. Cache-only DNS server
B. DHCP server
C. WINS server
D. Authoritative server
22. Which zone files are the most important part of any DNS server?
A. Forward lookup zones
B. Replicated zones
C. Loopback zones
D. Cached zones
23. Which record type points to the authoritative name server?
A. BIND
B. SOA
C. FQDN
D. A
24. Which zone is created on other DNS servers to act as backups to the primary zone?
A. Active
B. Backup
C. Secondary
D. Reverse
25. What enables a system to determine an FQDN by knowing the IP address?
A. Reverse lookup zones
B. WINS
C. Cached lookups
D. Forward lookup zones
26. Microsoft used DNS names with the __________ protocol to provide folder and printer sharing in small TCP/IP networks.
A. SMB
B. Samba
C. NetBIOS
D. NetBT
27. DNS domains that are not on the Internet should use the top-level name __________.
A. .foreign
B. .root
C. .remote
D. .local
28. Which type of domain allows all of the domain controllers to be equal partners, such that any domain controller can take over if one domain controller fails?
A. Active Directory
B. WINS
C. NetBIOS
D. NetBEUI
29. Which protocol enables DNS servers to get automatic updates of IP addresses of computers in their forward lookup zones, mainly by talking to the local DHCP server?
A. NetBIOS over TCP/IP
B. Dynamic DNS
C. ARP
D. WINS
30. Which term refers to an authentication and authorization protocol designed to prevent bad guys from impersonating legitimate DNS servers?
A. DNSSEC
B. WINS
C. IPSec
D. Active Directory
31. Which command is used to force a DNS server to update its records?
A. ifconfig /renew
B. ipconfig /renew
C. ifconfig eth0 up
D. ipconfig /registerdns
32. Which tool is the best choice for testing DNS?
A. ping
B. ipconfig
C. tracert
D. nslookup
33. Which of the following would confirm that you have a DNS problem?
A. Ping returns a “request timed out” message.
B. Ping does not work with either an IP address or a Web site address.
C. Ping works with the IP address but not with the Web site name.
D. The DNS resolver cache is empty.
34. Which program, available on all operating systems, provides all types of information from a DNS server and allows you to query all types of information from a DNS server and change how your system uses DNS?
A. ipconfig
B. tracert
C. winipcfg
D. nslookup
35. If you are using NetBIOS, which command allows you to see if other local systems are visible?
A. netstat
B. net view
C. nbtstat
D. net send
— END CHAPTER 10 —
Chapter 11
Securing TCP/IP
1. Which term means to scramble, to mix up, and to change data in such a way so that the wrong people cannot read it, but the right people can unscramble it?
A. Authentication
B. Encryption
C. Authorization
D. Nonrepudiation
2. Which term defines what an authenticated person can do with data?
A. Auditing
B. Authentication
C. Accounting
D. Authorization
3. Which term refers to a cipher’s underlying mathematical formula?
A. Algorithm
B. Encryption
C. Authentication
D. Hash
4. Which term refers to the result of running cleartext through a cipher algorithm using a key?
A. Key pair
B. Digital signature
C. Plaintext
D. Ciphertext
5. Which block cipher is used by most TCP/IP applications?
A. Rivest Cipher 4 (RC4)
B. Data Encryption Standard (DES)
C. Advanced Encryption Standard (AES)
D. Rivest Shamir Aleman (RSA)
6. Which algorithm is the oldest of the TCP/IP symmetric-key algorithms?
A. Data Encryption Standard (DES)
B. Rivest Cipher 4(RC4)
C. Advanced Encryption Standard (AES)
D. Public-key cryptography
7. Which type of encryption is the most popular form of e-mail encryption?
A. Data Encryption Standard (DES)
B. Asymmetric-key algorithm
C. Block encryption
D. Public-key cryptography
8. Which type of algorithm is used when two different keys are used in encryption?
A. Symmetric-key
B. Keyless
C. PKI
D. Asymmetric-key
9. Which layer of the OSI model is a common place for encryption using proprietary encryption devices?
A. Layer 1
B. Layer 2
C. Layer 4
D. Layer 7
10. Which term describes a mathematical function that you run on a string of binary digits of any length that results in a value of some fixed length?
A. Authentication
B. Encryption
C. Hash
D. Nonrepudiation
11. Which cryptographic hash comes in several versions?
A. MD5
B. PKI
C. SNMP
D. Secure Hash Algorithm (SHA)
12. Which term refers to a standardized type of digital signature that includes the digital signature of a third party?
A. Hash
B. Certificate
C. Encryption
D. Password
13. Which organization is the biggest player in the certificate authority market?
A. Microsoft
B. eBay
C. VeriSign
D. ICAN
14. Which authentication method is the most common authentication method for dial-up connections?
A. PPP
B. AAA
C. MS-CHAPv2
D. RADIUS
15. Which standard offers authentication, authorization, and accounting?
A. DES
B. RADIUS
C. MS-CHAP
D. Network Access Servers (NASs)
16. Which standard offers authentication, authorization, and accounting?
A. Terminal Access Control Access Control System Plus (TACACS+)
B. Data Encryption Standard (DES)
C. MS-CHAP
D. Network Access Servers (NASs)
17. Which authentication protocol is used in a TCP/IP network where many clients all connect to a single authenticating server with no point-to-point involved?
A. MS-CHAP
B. PPP
C. TACACS+
D. Kerberos
18. Which port does the Kerberos authentication protocol use?
A. 22
B. 23
C. 53
D. 88
19. What is another name for a timestamped service ticket?
A. Passcode
B. Token
C. Password
D. Smart card
20. Which technology is not a true protocol in the classic sense?
A. EAP
B. PPP
C. 802.1X
D. IPsec
21. Which authentication method is the most popular form of authentication used in wireless networks today?
A. PPP
B. EAP-PSK (Personal Shared Key)
C. EAP-TLS
D. LEAP
22. EAP is not a protocol in the classic sense, but rather, it is a PPP __________ that EAP-compliant applications can use to accept one of many types of authentication.
A. authentication rule
B. token
C. wrapper
D. ticket
23. Which port-authentication network access control standard forces devices to go through a full Authentication, Authorization, and Accounting (AAA) process to get anywhere past the interface on a gateway system?
A. EAP
B. 802.1X
C. KDC
D. RADIUS
24. Which proprietary EAP authentication is used almost exclusively by Cisco on their wireless products?
A. LEAP
B. EAP-TLS
C. EAP-MS-CHAPv2
D. EAP-PSK
25. 802.1X combines the RADIUS-style Authentication, Authorization, and Accounting (AAA) with __________ versions to make a complete authentication solution.
A. PPP
B. EAP
C. MS-CHAP
D. TLS
26. Which of the following was developed as a secure replacement for Telnet?
A. Telnet II
B. Secure Shell (SSH)
C. AES
D. IPSec
27. Which term refers an encrypted link between two programs on two separate computers?
A. PKI
B. Tunnel
C. 802.1X
D. Kerberos
28. Which of the following is an authentication and encryption protocol suite that works at the Network layer of the OSI seven-layer model?
A. IPSec
B. MS-CHAP
C. Secure Sockets Layer (SSL)
D. Transport Layer Security (TLS)
29. Which statement is true of the Transport mode of IPSec?
A. Only the actual payload of an IP packet is encrypted.
B. The entire packet, including the header, is encrypted.
C. MS-CHAP authentication occurs.
D. The EAP-TLS protocol is used.
30. What causes the most common problems with HTTPS connection?
A. PKI
B. Revoked certificates
C. Bad certificates
D. Bad URLs
31. What potential problem does a browser look for after it receives a certificate from a secure HTTP site?
A. Duplicated certificate
B. Revoked certificate
C. Deleted certificate
D. Disconnected certificate
32. Which term describes an SSH-enabled program?
A. Secure Copy Protocol (SCP)
B. Telnet
C. HTTPS
D. Kerberos
33. Which protocol offers a method for querying the state of certain network devices?
A. SFTP
B. NTP
C. SNMP
D. SCP
34. SNMP uses __________ (special client programs) to collect network information from a Management Information Base (MIB), SNMP’s version of a server.
A. subroutines
B. blocks
C. bots
D. agents
35. Which protocol is the tool programs use to query and change a database used by the network?
A. LDAP
B. EAP
C. Kerberos
D. NTP
— END CHAPTER 11 —
Expert Answer
ans:–>B. ) By using a NetBIOS name
2. Within the DNS hierarchy, which term refers to the DNS servers just below the DNS root?
Ans:–> Top-level domain servers
3. Which statement is true about DNS roots?
Ans:–> They have the complete definitive name resolution table.
4. What term best describes the way the DNS name space is organized?
Ans.–> Hierarchical
5. Including the separating periods, what is the maximum number of characters allowed by the DNS naming convention?
Ans:–> 255
6. Which term is an original top-level domain name?
Ans:–>.mil
7. Which organization has the authority to create new top-level domain names?
Ans:–> ICANN
8. What UDP port do DNS servers primarily use?
Ans:–> 53
9. Which of the following is true of the names in a flat name space?
Ans:–> Names must be unique.
10. How many powerful DNS server clusters, scattered all over the world, does the DNS root contain?
Ans:–> 13
11. Which characters are not permitted in a DNS domain or host name?
Ans:–> Spaces
12. In the DNS naming convention, what character(s) separate(s) a domain name from its subdomains?
Ans:–> Period (.)
13. In the DNS naming convention, what is the correct sequence for writing a fully qualified domain name (FQDN)?
Ans:–> Host.domain.root
14. Which item is part of a fully qualified domain name (FQDN)?
Ans:–> The host name
15. In comparing the DNS name space to a computer’s file system, a domain is like __________.
Ans:–> A Folder
16. How is the address 127.0.0.1 listed in the hosts file?
Ans:–> localhost
17. What entry is made at the command prompt in UNIX/Linux to display DNS server information?
Ans:–> cat /etc/resolv.conf
18. What company handles security for a lot of the e-commerce on the Internet and also maintains two root name server clusters?
Ans:–> VeriSign
19. What information is kept in the cached lookups folder for a DNS server?
Ans:–> The IP addresses already resolved.
20. On an authoritative DNS server, which storage areas hold the IP addresses and FQDNs for the computers in a domain?
Ans:–> Forward lookup zones
21. Which DNS server is used to talk to other DNS servers to resolve IP addresses for DNS clients?
Ans:–> Authoritative server
22. Which zone files are the most important part of any DNS server?
Ans:–> Forward lookup zones
23. Which record type points to the authoritative name server?
Ans:–>SOA
24. Which zone is created on other DNS servers to act as backups to the primary zone?
Ans:–> Secondary
25. What enables a system to determine an FQDN by knowing the IP address?
Ans:–> Forward lookup zones
26. Microsoft used DNS names with the __________ protocol to provide folder and printer sharing in small TCP/IP networks.
Ans:–> SMB
27. DNS domains that are not on the Internet should use the top-level name __________.
A. .foreign
B. .root
C. .remote
D. .local
28. Which type of domain allows all of the domain controllers to be equal partners, such that any domain controller can take over if one domain controller fails?
Ans:–> Active Directory
29. Which protocol enables DNS servers to get automatic updates of IP addresses of computers in their forward lookup zones, mainly by talking to the local DHCP server?
Ans:–> Dynamic DNS
30. Which term refers to an authentication and authorization protocol designed to prevent bad guys from impersonating legitimate DNS servers?
A.ns:–>DNSSEC
31. Which command is used to force a DNS server to update its records?
Ans:-> ipconfig /registerdns
32. Which tool is the best choice for testing DNS?
Ans:-:> ping
33. Which of the following would confirm that you have a DNS problem?
Ans:–> Ping works with the IP address but not with the Web site name.
34. Which program, available on all operating systems, provides all types of information from a DNS server and allows you to query all types of information from a DNS server and change how your system uses DNS?
Ans:–> nslookup
35. If you are using NetBIOS, which command allows you to see if other local systems are visible?
Ans:–> net view
— END CHAPTER 10 —
Chapter 11
Securing TCP/IP
1. Which term means to scramble, to mix up, and to change data in such a way so that the wrong people cannot read it, but the right people can unscramble it?
Ans:–> Encryption
2. Which term defines what an authenticated person can do with data?
Ans:–> Authorization
3. Which term refers to a cipher’s underlying mathematical formula?
Ans:–> Encryption
4. Which term refers to the result of running cleartext through a cipher algorithm using a key?
Ans:–> Ciphertext
5. Which block cipher is used by most TCP/IP applications?
Ans:–>Advanced Encryption Standard (AES)
6. Which algorithm is the oldest of the TCP/IP symmetric-key algorithms?
Ans:–> Data Encryption Standard (DES)
7. Which type of encryption is the most popular form of e-mail encryption?
Ans:–>Public-key cryptography
8. Which type of algorithm is used when two different keys are used in encryption?
Ans:–> Asymmetric-key
9. Which layer of the OSI model is a common place for encryption using proprietary encryption devices?
Ans:–> Layer 2
10. Which term describes a mathematical function that you run on a string of binary digits of any length that results in a value of some fixed length?
Ans:–> Hash
11. Which cryptographic hash comes in several versions?
Ans:–> Secure Hash Algorithm (SHA)
12. Which term refers to a standardized type of digital signature that includes the digital signature of a third party?
Ans:–> Certificate
13. Which organization is the biggest player in the certificate authority market?
Ans:–> VeriSign
14. Which authentication method is the most common authentication method for dial-up connections?
Ans:–> MS-CHAPv2
15. Which standard offers authentication, authorization, and accounting?
Ans:–> RADIUS
16. Which standard offers authentication, authorization, and accounting?
Ans:–>. Terminal Access Control Access Control System Plus (TACACS+)
17. Which authentication protocol is used in a TCP/IP network where many clients all connect to a single authenticating server with no point-to-point involved?
Ans:–>Kerberos
18. Which port does the Kerberos authentication protocol use?
Ans:–> 88
19. What is another name for a timestamped service ticket?
Ans:–> Token
20. Which technology is not a true protocol in the classic sense?
Ans:–> EAP
21. Which authentication method is the most popular form of authentication used in wireless networks today?
Ans:–> EAP-PSK (Personal Shared Key)
22. EAP is not a protocol in the classic sense, but rather, it is a PPP __________ that EAP-compliant applications can use to accept one of many types of authentication.
Ans:–> wrapper
23. Which port-authentication network access control standard forces devices to go through a full Authentication, Authorization, and Accounting (AAA) process to get anywhere past the interface on a gateway system?
Ans:–>802.1X
24. Which proprietary EAP authentication is used almost exclusively by Cisco on their wireless products?
Ans:–>. LEAP
25. 802.1X combines the RADIUS-style Authentication, Authorization, and Accounting (AAA) with __________ versions to make a complete authentication solution.
Ans:-> EAP
26. Which of the following was developed as a secure replacement for Telnet?
Ans:–> Secure Shell (SSH)
27. Which term refers an encrypted link between two programs on two separate computers?
Ans:–> Tunnel
28. Which of the following is an authentication and encryption protocol suite that works at the Network layer of the OSI seven-layer model?
Ans:–> IPSec
29. Which statement is true of the Transport mode of IPSec?
A. Only the actual payload of an IP packet is encrypted.
B. The entire packet, including the header, is encrypted.
C. MS-CHAP authentication occurs.
D. The EAP-TLS protocol is used.
30. What causes the most common problems with HTTPS connection?
Ans:–> Bad certificates
31. What potential problem does a browser look for after it receives a certificate from a secure HTTP site?
A. Duplicated certificate
B. Revoked certificate
C. Deleted certificate
D. Disconnected certificate
32. Which term describes an SSH-enabled program?
Ans:–>. Secure Copy Protocol (SCP)
33. Which protocol offers a method for querying the state of certain network devices?
Ans:–>SNMP
34. SNMP uses __________ (special client programs) to collect network information from a Management Information Base (MIB), SNMP’s version of a server.
A. subroutines
B. blocks
C. bots
D. agents
35. Which protocol is the tool programs use to query and change a database used by the network?
Ans:–> LDAP