Review Questions for Ch 12
1. If, after several tries, you cannot reproduce symptoms of a problem, what might you suspect is its cause?
2. Which of the following symptoms probably points to a physical connectivity problem?
3. Which part of the network should you examine if a network problem affects a single workstation?
4. You are troubleshooting a problem in which a dial-in remote user claims he cannot make a connection to your
organization’s access server. Of the following steps, which should you take first and second as you diagnose
Answer: D, then B.
5. You have recently resolved a problem in which a user could not print to a particular shared printer, by
upgrading her workstation’s client software. Which of the following might be an unintended consequence of
6. Answering which two of the following questions may help you identify the demographic scope of a problem?
Answer: C and D.
7. Which of the following is a characteristic symptom of a gateway failure?
Answer: A. Under what circumstances should you try swapping equipment?
Answer: When you suspect that a problem is dues to a component malfunctioning or failing, you should try
swapping out the component with an identical (and known functional) one.
8. You have just discovered that your backup device is not properly writing files to your backup media. Which
of the following would be the last two steps you take in troubleshooting this problem?
Answer: E, then B.
9. Which of the following is an example of a network change that could cause a group of workstations to lose
connectivity to one local file server?
10. Which of the following tools could you use to determine whether a user’s workstation is transmitting packets
in the proper Ethernet frame type for your network?
11. Which of the following symptoms would definitely be present if your Ethernet network length exceeds the
maximum specified by IEEE standards?
12. Which member of the IT staff is usually the first to receive notice of a network problem?
13. If you don’t have the manual for your 3Com NIC, how can you find out whether it supports promiscuous
14. What kind of tool would you use to verify that your new cable meets CAT5 standards?
15. Which TCP/IP command can you use to find out whether a workstation’s TCP/IP stack is operating properly?
16. Where is crosstalk most likely to occur?
Answer: Crosstalk is often caused by wires being crushed or crossed at the connector end of a cable. For this
reason, you can accurately test for crosstalk only after a cable is installed, and you should perform the test at
both ends of the wire.
17. Which two of the following tools can help you determine whether your Thinnet connection has the proper
amount of impedance at each end?
Answer: B and D.
18. Which of the following frequently results in negative frame sequence checks?
19. Which of the following frequently causes a jabber?
20. With what operating system does NetMon work?
Answer: E. NetMon (Network Monitor) is a network monitoring package that comes with Windows NT
Server 4.0 and Windows 2000 operating systems.
21. The LANalyzer agent can help you determine when network traffic exceeds 50%. True or False?
Answer: True. LANalyzer can respond to thresholds.
22. If you wanted to determine the average daily traffic on your network’s backbone, what type of tool would you
23. Name two advantages of using a sniffer over using NetMon or LANalyzer.
Answer: Sniffers are mobile, so they can be moved from one segment (or network) to another, and they do not
depend on another operating system, so they can pick up error data that the operating system might discard.
24. Which two of the following functions can both network monitors and network analyzers perform?
Answer: A and E. Both network monitors and analyzers can capture and analyze data from any node to
another, detect excessive errors or utilization, discover nodes on the network, created reports of traffic data,
and reproduce network conditions by transmitting a selected amount and type of data.
25. How do switches affect network analyzers?
Answer: B. Using a switch logically separates a network into several segments. If a network is fully switched,
that is, if every node is connected to its own switch port, your network analyzer can on capture broadcast
packets and packets destined for the node where you’re running the software, because those are the only
packets that will travel through a switched environment.
26. You can typically use the same sniffer for your Token Ring and ATM networks. True or False?
27. You have just purchased a new network adapter to replace the faulty network adapter in your file server. The
adapter is so new that your Windows 2000 Server software does not provide a device driver for it. As you
install the network adapter, where should you obtain the device driver from?
28. You work in a small office with only six employees and a small, peer-to-peer network that used a single hub
to connect all the workstations. One day you glance at the hub and notice that one of the port’s LEDs has gone
from blinking green to blinking amber. What can you conclude about the workstation connected to that port?
29. Which of the following is a network change that does not need to be recorded in the change management
Answer: D. Trivial changes do not have to be recorded in a change management system. These might include
changing a user’s password, creating a new network group, moving a patch cable to a different hub, moving a
networked workstation, etc.
Review Questions of Ch 13
1. Which of the following is not a benefit of a baselining tool?
2. Name three network characteristics that might belong in a baseline measurement.
Answer: Any three of the following:
Percent utilization on your network backbone
Number of users per day or per hour
Number of protocols that run on your network
Statistics about errors (such as runts, collisions, jabbers, or giants)
How frequently networked applications are used
Or which users take up the most bandwidth
3. If you were planning to purchase a baselining tool for your network, which of the following is one factor you
would not use to evaluate your options?
4. What hardware-related data might you record in an asset management system and why?
Answer: Number and locations of components on the network, each device’s configuration files, model
number, serial number, and a technical contact for support. This information can affect purchasing decisions,
improve technical support, and assist in proactive hardware maintenance.
5. Some asset management programs can automatically discover all devices on a network. True or False?
6. Which of the following times would be the best time to install a patch to your network operating system?
Answer: C. It’s best to schedule any kind of software change, particularly one that impacts the network
operating system, after hours, or at the very least, when few people will be accessing the system.
7. How does a software patch differ from an upgrade?
Answer: D. While an upgrade usually changes a significant part, if not all, of the code in a program, a patch
only changes a small piece of the code.
8. Under what circumstances should network administrators inform users of software changes?
Answer: B. Optimally, network administrators should inform users of any upgrade to a piece of software they
use or rely on, including client upgrades, application upgrades, and network operating system upgrades. Any
kind of upgrade has the potential to at least change the look and feel of a program. At worst, it might have
unanticipated consequences on other programs or reduce the functionality of the upgraded program.
9. Name five considerations you should address before undertaking a network operating system upgrade.
Answer: Any 5 of the following (in addition to the considerations addressed with any other kind of software
upgrade, such as “Is it necessary?”):
How will the upgrade affect user ids, groups, rights, and policies?
How will the upgrade affect file, printer, and directory access on the server(s)?
How will the upgrade affect applications or client interactions on the server(s)?
How will the upgrade affect configuration files, protocols, and services running on the server(s)?
How will the upgrade affect the server’s interaction with other devices on the network?
How accurately can you test the upgrade software in a simulated environment?
How can you leverage the new operating system to enable your system to perform more efficiently?
What is your technical support arrangement with the operating system’s manufacturer should you need
help in the midst of an upgrade?
Have you allotted enough time to perform the upgrade (for example, would it be more appropriate to do it
over a weekend rather than overnight?)?
Have you ensured that the users, help desk personnel, and system administrators understand how the
upgrade will affect their daily operations and support burdens?
10. When considering a major upgrade, such as a network operating system or backbone upgrade, you should
depend on a manufacturer’s Web site materials to determine whether the upgrade is necessary and useful.
True or False?
11. What is another name for reversing a software upgrade?
Answer: B. backleveling
12. Which of the following is the best way to reverse a network operating system upgrade?
Answer: D. Most likely you would have created a complete backup of the system, and you could recover that
backup to reverse the process. Otherwise, the software vendor might have provided a way to backlevel the
upgrade. However, you should do this as a last resort.
13. Name three reasons to perform a hardware upgrade on a network.
Answer: To increase capacity, improve performance, correct a problem, or add functionality to the network.
14. Which of the following changes probably requires the most planning?
15. You can assume that installing a switch from one manufacturer is similar to installing a hub from the same
manufacturer. True or False?
16. Why are cabling and backbone upgrades often implemented in phases?
Answer: Because they affect every user and function on the network, and because these upgrades require
downtime, usually network administrators perform the upgrade in phases because they do not want to take
down everyone simultaneously.
17. What is the first step in a backbone upgrade?
Answer: A. Since backbone upgrades are so costly and comprehensive, you must perform a cost vs. benefit
analysis: do the advantages of the backbone upgrade outweigh the costs, in hardware, effort (staff time), and
18. Name two good reasons to perform a backbone upgrade.
Answer: Some examples of backbone upgrades include:
Migrating from Token Ring to Ethernet
Migrating from Ethernet to ATM
Migrating from a slower technology to a faster one, or replacing all routers with switches (to make use of
VLANs, for example)
A variety of needs may drive these upgrades:
Faster throughput Making the network more cost effective
A physical move or renovation
A more reliable network
More consistent standards
Support of a new application
For example, switching from Token Ring to Ethernet may make a LAN less expensive to maintain because
Ethernet’s components are economical and technical support may be easier to find. The need for faster throughput
may prompt an upgrade from an old Ethernet technology to Gigabit Ethernet. The need to support
videoconferencing may require a backbone upgrade from CAT 5 to fiber and from Ethernet to ATM.
19. Which of the following networking trends makes security a greater concern for network managers?
20. Which of the following is the best way to research a new networking technology you are considering
Review Questions of CH14
1. Describe five scenarios that might detrimentally affect the integrity or availability of your network’s data.
Answer: Any of the following:
Fire Human error
Hurricane System or data link fault
Tornado Security breach
2. Which of the following percentages represents the highest availability for a network?
3. To ensure that a system change does not detrimentally affect integrity and availability, what information
should you record about the change?
4. Which of the following symptoms might make you suspect that your workstation is infected with a macro
5. Why are stealth viruses difficult to detect?
6. Name three key components of an enterprise-wide anti-virus policy.
Answer: An enterprise wide anti-virus policy should include instructions for users on:
How to recognize viruses
How to run and use anti-virus software
What to do in case a virus is detected on one’s system
How to copy new files from the Internet or from a floppy disk
What will happen if users don’t follow the anti-virus policy
7. Which of the following is a popular anti-virus program?
8. A worm is a type of polymorphic virus. True or false?
Answer: False. A worm is a separate program that moves from machine to machine. Although worms are
not harmful, they may carry viruses.
9. How does a Trojan Horse disguise itself?
10. Which of the following techniques does a polymorphic virus employ to make itself more difficult to
11. If your anti-virus software uses signature scanning, what must you do to keep its virus-fighting capabilities
12. What might you tell a user who receives what seems to be a virus hoax message?
13. Describe the main difference between a fault and a failure.
Answer: A fault is a breakdown of one element of a system. A failure is a complete loss of service for that
system. A fault may cause a failure.
14. Fail-over is a technique used in highly fault tolerant systems. True or False?
15. What makes components hot swappable?
16. Over time, what might electrical line noise do to your system?
17. How long will an online UPS take to switch its attached devices to battery power?
Answer: D. An online UPS takes no time to switch an attached device to battery power, because a device
attached to an online UPS is always using its battery.
18. Which of the following is the most highly fault tolerant network topology?
19. Which characteristic of SONET rings makes them highly fault-tolerant?
20. Describe how load balancing between redundant NICs works.
Answer: In load balancing, two identical components share responsibility for processing, transmitting, or
storing data. Redundant NICs on a server can use load balancing to dynamically share the sending and
receiving of data to and from the server.
21. Why is simple disk striping not fault tolerant?
22. Why is RAID 5 superior to RAID 3?
Answer: In RAID Level 5, data is written in small blocks across several disks, and in addition, parity error
checking information is distributed among the disks. The advantages to using RAID Level 5 are that it has
excellent performance when writing data because the parity information doesn’t have to contend for the
same I/O resources and that it allows failed disks to be swapped out and replaced with good disks without
any interruption of service. In RAID level 3, on the other hand, while error checking and parity are both
employed, the error checking information is stored on only one disk, making recovery slightly slower in
the case of a disk failure.
23. Which of the following can be considered an advantage of server clustering over server mirroring?
24. What is currently the greatest disadvantage to using server clustering?
25. List four considerations you should weigh when deciding on a data backup solution.
Answer: To select the right tape backup solution for your network, you should consider the following:
Data error checking techniques
Cost of tape drive, software, and media
Compatibility with existing network hardware and software
Extent of automation
26. Which factor must you consider when using online backups that you don’t typically have to consider when
backing up to a LAN tape drive?
27. In a grandfather-father-son backup scheme, the October—week 1—Thursday backup tape would contain
what types of files?
Answer: C. Typically this tape would contain only files that are new or changed since the October—Week
1—Wednesday backup, and this tape would be reused for the October—Week 2—Thursday backup.
28. Which of the following is a major disadvantage to performing full system backups on a daily basis?
29. How can you verify the accuracy of tape backups?
Answer: To verify the accuracy of tape backups, regularly test the recovery process to make sure that your
backups worked and that you can retrieve a backed up file.
30. Name four components of a smart disaster recovery plan.
Answer: A disaster recovery plan should specifically address:
Contact names for emergency coordinator(s) who will execute the disaster recovery response in case of
Roles and responsibilities of other staff
Details on what data and servers are being backed up
How frequently backups occur
Where backups are kept (offsite)
Most importantly, how backed up data can be recovered in full
Details on network topology, redundancy and agreements with national service carriers, in case local
or regional vendors are taken down by the same disaster
Regular strategies for testing the disaster recovery plan
A plan for managing the crisis, including regular communication with employees and customers.
Consider the possibility of regular communication modes (such as phone lines) being unavailable
Review Questions for Ch15
1. If you have root privileges on a system, you could delete user IDs from that system. True or False?
2. What do you call manipulating people to get them to reveal confidential information, such as their passwords?
3. Which of the following is the most secure password?
4. Which of the following would not typically be used for authenticating to a system?
Answer: D and E.
5. Name three different security risks associated with people.
Answer: Any three of the following:
Intruders or attackers may use social engineering or snooping to obtain user passwords
An administrator may incorrectly create or configure user ids, groups, and their associated rights on a
file server, resulting in file and login access vulnerabilities
Network administrators may overlook security flaws in topology or hardware configuration
Network administrators may overlook security flaws in operating system or application configuration
Lack of proper documentation and communication of security policies may lead to deliberate or
inadvertent misuse of files or network access
Dishonest or disgruntled employees may abuse the file and access rights they’ve been given
A computer or terminal left logged into the network while its operator goes away may provide an entry
point for an intruder
Users or even administrators choose passwords that are easy to guess
Authorized staff may leave computer room doors propped open or unlocked, allowing unauthorized
individuals to enter
Staff may discard disks or backup tapes in “public” waste containers
Administrators may neglect to remove access and file rights for employees who have left the
6. What is the most likely way that a network’s security will be compromised?
7. Which device could a cracker use to intercept and interpret transmissions between one router and another router
on a WAN?
8. Accepting the default options for security on a server-based application is usually a good policy. True or False?
9. If someone obtains one of your LAN’s internal IP addresses and uses it to gain access through your firewall
from the Internet, he is using what method of security attack?
10. The UDP protocol is more secure than the TCP protocol. True or False?
If someone floods your LAN’s router with excessive traffic so that your legitimate traffic cannot go out or come in,
what method of security attack is he or she using?
11. Which of the following is not typically addressed in a security policy?
12. What is the primary purpose for establishing a security response team?
13. What should an organization do to assess its potential security risks?
14. Name four questions that should be addressed in a security audit.
Answer: Questions to ask as part of a security audit that address your organization’s physical
Which rooms contain critical systems or data and need to be secured?
Through what means might intruders gain access to the facility, computer room, telecommunications
room, wiring closet, or data storage areas?
How and to what extent are authorized personnel given entry?
Are employees instructed to ensure security after entering or leaving secured areas (not to prop open
Are authentication methods difficult to forge or circumvent?
Are periodic physical security checks made by supervisors or security personnel?
Are all combinations, codes, or other access means to computer facilities protected at all times, and are
these combinations changed periodically?
Is a plan in place for documenting and responding to physical security breaches?
15. What’s the simplest way to stop a denial of service attack on a server?
16. Which of the following transmission media is the most secure?
17. Which of the following encryption methods is most commonly used on a VPN?
18. Which two of the following do not contribute to a network’s physical security?
Answer: B and E.
19. Which of the following network operating system restrictions is most likely to stop a cracker who is attempting
to discover someone’s password?
20. Name four different criteria that a packet filtering firewall might use for filtering traffic.
Answer: Any four of the following:
Source and destination IP addresses
Source and destination ports (for example, ports that supply TCP/UDP connections, FTP, Telnet,
SNMP, RealAudio, etc.)
TCP, UDP, or ICMP protocol
Whether a packet is the first packet in a new data stream or a subsequent packet
Whether the packet is inbound or outbound to or from your private network
Whether the packet came from or is destined for an application on your private network.
21. At which two layers of the OSI Model do a packet filtering firewall operate?
22. Before a firewall can effectively filter unwanted traffic, it must be:
23. Which of the following best describes the function of a proxy server?
24. Which of the following security risks does using the callback feature on a remote control application address?
25. If a company wants to save office leasing costs and allow 50 of its employees to work at home, what type of
arrangement would be the most secure, practical, and economical for granting home workers access to the
26. What service does PPTP provide?
27. If you are entering your account number in a Web page to gain access to your stock portfolio online, which of
the following encryption methods are you most likely using?
28. In general, the longer the key, the more secure the encryption. True or False?
29. PGP is frequently used for what type of network communication?
Review Questions for Ch16
1. What type of chart is used in project management to express how tasks will occur over a horizontal timeline?
2. What do you call a task that must be completed before another task can begin?
3. What is the purpose of a milestone?
4. Who would be a likely sponsor for a network backbone upgrade?
5. In a project to upgrade the version of Microsoft Exchange on the network, a receptionist who uses Exchange is
an example of a project stakeholder. True or False?
6. In what type of situation might additional funding have no impact on an enterprise’s ability to complete a
project more quickly?
7. Name four benefits of effective communication among project participants.
Answer: Some benefits of communication on a project include:
Ensure that a projects’ goals are understood by participants, stakeholders, and sponsors
Keep a project’s timeline and budget on track
Encourage teamwork among participants
Allow you to learn from previous mistakes
Prevent finger-pointing if a task is not completed correctly or on time
Prevent duplication of efforts
Ensure that stakeholders are prepared for the effects of change
8. What type of process can be managed to improve the efficiency of how modifications to a project plan are
9. Which pre-defined process can help you recover when a project suffers a setback?
10. Which of the following implementation steps should come first?
11. Which step in the implementation of network projects should precede the final release of changes to all users?
12. What is the last step in a network implementation project?
Answer: Rewriting and updating network documentation, including baseline information, so that it is current.
13. Why is it sometimes advisable to hire external consultants to perform a feasibility study?
Answer: Consultants will not make assumptions (they’ll provide an objective viewpoint).
14. Which of the following is a good example of test criteria that can be used to evaluate the success of a network
15. Baselining will help you determine how long a project should take to complete. True or False?
16. What can you do if your needs assessments interviews indicate that two groups of customers have conflicting
17. Why does it cost significantly more to achieve 99.99% availability than it does to achieve 99.5% availability?
Answer: Because it requires buying much more redundant hardware and connectivity, which is more expensive
than redundant components or using software-based fault tolerance techniques.
18. Which of the following questions should you ask your organization’s management staff so as to better
determine scalability needs?
19. Give two examples of projects that might be driven by security concerns.
Answer: Examples of projects driven by security needs include:
Installation of firewalls at WAN locations
Modifications to firewall or router configurations or operating systems
Implementation of intrusion detection systems
A company-wide effort to enforce security policies, such as good password selection.
20. If you were planning a project to replace all 25 routers in your enterprise-wide network with switches, what
kind of pilot network might you design to test whether the switches will work as planned?
Answer: A pilot network that includes the same types of workstations and at least one of the exact model of
switches that will be implemented on the new network.