To enhance security, a network administrator needs to restrict access to the SSH and Telnet services on their routers. Which type of ACL would be most appropriate for this purpose?
- Extended ACL
- Named ACL
- Reflexive ACL
- Standard ACL
An extended ACL is suitable for filtering based on specific services such as SSH and Telnet, using port numbers.
An ISP needs to manage different types of traffic from various customers effectively. Which QoS strategy should they employ to ensure fair bandwidth distribution?
- Class-Based Weighted Fair Queuing (CBWFQ)
- Traffic Shaping
- Weighted Random Early Detection (WRED)
- Hierarchical Queuing Framework
Class-Based Weighted Fair Queuing (CBWFQ) allows ISPs to manage different types of traffic effectively by assigning bandwidth based on defined classes, ensuring fair distribution.
A network technician is troubleshooting a connection problem and needs to verify the path of the packets at the network level. Which OSI layer should they focus on?
- Data Link
- Network
- Physical
- Transport
The network layer (Layer 3) is responsible for packet forwarding, routing, and addressing, making it crucial for troubleshooting the path of packets at the network level.
In STP, which type of port directly forwards frames and participates in the active topology?
- Blocking Port
- Designated Port
- Non-Designated Port
- Root Port
A designated port in STP directly forwards frames and participates in the active topology, ensuring the loop-free operation of the network.
An organization requires a centralized logging solution for their multi-vendor network devices. Which protocol would best suit this requirement?
- Syslog
- SNMP
- NetFlow
- ICMP
Syslog is a protocol used for centralized logging in a network. It is suitable for collecting and managing logs from multi-vendor network devices.
To prevent unauthorized device access, it is recommended to change ________ regularly.
- IP address
- MAC address
- Passwords
- Encryption keys
To prevent unauthorized device access, it is recommended to change passwords regularly.
The technique of _________ can help in optimizing the performance of a network by reducing the number of individual routes advertised.
- BGP
- OSPF
- Route Redistribution
- Route Summarization
The technique of route summarization can help optimize network performance by reducing the number of individual routes advertised, leading to more efficient routing tables.
In a network setup, which device is used to filter and forward packets between LAN segments based on MAC addresses?
- Bridge
- Hub
- Router
- Switch
A bridge is used to filter and forward packets between LAN segments based on MAC addresses in a network setup.
What is the difference between a site-to-site VPN and a remote access VPN?
- Site-to-Site VPNs connect entire networks, while Remote Access VPNs connect individual users to a network.
- Site-to-Site VPNs use SSL/TLS encryption, while Remote Access VPNs use IPSec.
- Site-to-Site VPNs are only suitable for small organizations, while Remote Access VPNs are suitable for large enterprises.
- Site-to-Site VPNs are always faster than Remote Access VPNs.
A site-to-site VPN connects entire networks, allowing multiple users to access the network, while a remote access VPN connects individual users to a network.
Which type of firewall examines network traffic based solely on IP addresses and ports?
- Stateful firewall
- Proxy firewall
- Packet-filtering firewall
- Application-layer firewall
A packet-filtering firewall examines network traffic based solely on IP addresses and ports.