A network engineer is configuring a GRE tunnel to connect two remote sites over the internet. What additional security mechanism should they consider implementing to protect the data?
- IPsec
- SSL
- TLS
- SSH
When configuring a GRE tunnel, additional security can be provided by implementing IPsec to encrypt the data transmitted between the remote sites over the internet.
If a network administrator is configuring a router to connect different IP networks, which layer of the TCP/IP model are they primarily working with?
- Application
- Data Link
- Network
- Transport
The network layer of the TCP/IP model (equivalent to the OSI model's Layer 3) is primarily responsible for routing and connecting different IP networks.
To avoid overlapping subnets in VLSM, network administrators must ensure ________ between subnet boundaries.
- Consistency
- Continuity
- Separation
- Synchronization
To avoid overlapping subnets in VLSM, network administrators must ensure separation between subnet boundaries.
A network engineer needs to configure a device to send real-time alerts for specific events. Which SNMP component should they configure?
- SNMP Manager
- SNMP Agent
- SNMP Trap
- SNMP Get
To send real-time alerts for specific events, the SNMP Trap component should be configured on the device. SNMP Trap allows devices to send unsolicited messages (traps) to a central SNMP manager.
What is the primary purpose of DHCP in a network?
- Assigning IP addresses dynamically
- Resolving domain names to IP addresses
- Managing network security
- Establishing physical connections
DHCP (Dynamic Host Configuration Protocol) is primarily used for dynamically assigning IP addresses to devices on a network.
In an organization, an auditor requires a system that can report on all individual user activities across network devices. Which aspect of AAA should be emphasized?
- Authentication
- Authorization
- Accounting
- Auditing
The Accounting aspect of AAA (Authentication, Authorization, and Accounting) is emphasized when reporting on individual user activities across network devices.
A company's security policy requires masking the internal IP addresses when accessing external websites. What configuration should the network engineer implement?
- Dynamic NAT
- NAT Overload
- PAT
- Static NAT
Static NAT should be implemented to mask internal IP addresses when accessing external websites, as it provides a one-to-one mapping of internal and external addresses.
An IPv4 address is typically divided into two parts: the ________ and the host identifier.
- Gateway
- Network portion
- Prefix
- Subnet portion
An IPv4 address is typically divided into two parts: the network portion and the host identifier. The network portion identifies the network to which the host belongs.
In basic access-list configuration, which command is used to permit or deny traffic based on IP address?
- ALLOW
- DENY
- PERMIT
- BLOCK
In basic access-list configuration, the "deny" command is used to deny traffic based on IP address.
Which approach in network troubleshooting involves dividing the network into smaller segments or components to isolate the problem area?
- Top-Down
- Bottom-Up
- Divide and Conquer
- Lateral
The "Divide and Conquer" approach involves dividing the network into smaller segments or components to isolate the problem area systematically.