Managing Network Settings

Question 1

Which DNS option digitally signs records in a DNS zone?

Answer 1

DNSSEC

Question 2

Virtual networks can be created in both a cloud environment and an _______.

Answer 2

on-premises virtualization environment

This highlights the versatility of virtual networks across different setups.

Question 3

What is the purpose of segregating network devices on their own networks?

Answer 3

• Enhance security
• Protect sensitive data

Segregation can be achieved through VLANs or isolated networks.

Question 4

When configuring a virtual network, what does enabling local DHCP service do?

Answer 4

Distributes IP addresses to VMs

This simplifies network configuration for virtual machines.

Question 5

To connect a virtual machine to a newly added virtual network, what must be modified?

Answer 5

Each virtual machine’s network settings

This ensures the VM is linked to the correct network.

Question 6

What is the purpose of the DHCP settings in the Virtual Network Editor?

Answer 6

• Set lease interval for clients
• Specify starting and ending IP addresses

These settings help manage IP address allocation for connected devices.

Question 7

Fill in the blank: A NAT network shares the host’s _______ with virtual machines.

Answer 7

IP address

This allows VMs to access external networks while keeping them isolated.

Question 8

What is the purpose of VLANs in network configuration?

Answer 8

• Network segregation
• Performance improvement
• Isolation of sensitive stations

VLANs allow for breaking up a single Ethernet switch into multiple networks for better management and security.

Question 9

What are the two network services widely used in networks?

Answer 9

• DNS
• DHCP

These services are essential for both personal and organizational networks.

Question 10

What is one method to harden devices running DHCP and DNS?

Answer 10

• Apply patches
• Use Firewall settings

Hardening involves securing the devices against potential attacks.

Question 11

What can an attacker do if they compromise a DHCP host?

Answer 11

Specify a fraudulent DNS server for clients

This can redirect clients to malicious websites.

Question 12

What is the purpose of Vendor Classes in DHCP?

Answer 12

To assign DHCP settings for specific device types

This helps in identifying and managing traffic from certain devices.

Question 13

Fill in the blank: DNSSEC is used to __________.

Answer 13

digitally sign DNS zones

This ensures the integrity and authenticity of DNS data.

Question 14

What is the role of Group Policy Management in DNS?

Answer 14

To configure centralized settings for DNS clients

This can enforce policies like requiring DNSSEC validation.

Question 15

Why is a shorter lease duration beneficial for in DHCP?

Answer 15

Shorter lease duration prevents exhaustion of IP addresses and allows devices to have plent of IPs to temporarily connect to a network

Important in environments with many transient users.

Question 16

What is the significance of digitally signing a DNS zone?

Answer 16

Clients can verify the validity of the signature

This helps ensure that the DNS data has not been tampered with.

Question 17

What should be configured in Group Policy for DNSSEC?

Answer 17

Require DNS clients to check data validation

This enhances security by ensuring clients validate DNS responses.

Question 18

Wi-Fi router hardening notes

Answer 18

The first step in protecting a Wi-Fi router is at the network level

This is crucial for both enterprise and home networks, especially with the rise of remote work.

Question 19

What security setting is recommended for a Wi-Fi router?

Answer 19

WPA/WPA2-Personal

This requires a pre-shared key or password for connecting devices.

Question 20

Fill in the blank: The Wi-Fi router acts as a _______ client when using WPA/WPA2-Enterprise.

Answer 20

RADIUS

Connecting devices are referred to as supplicants.

Question 21

What does the RADIUS server do in a WPA/WPA2-Enterprise setup?

Answer 21

RADIUS servers authenticate client connections

It performs user authentication instead of the Wi-Fi router.

Question 22

What is the default port for RADIUS servers?

Answer 22

UDP port 1812

This port can be changed, but 1812 is the standard.

Question 23

True or false: WEP is a recommended security protocol for Wi-Fi networks.

Answer 23

FALSE

WEP is deprecated and should not be used.

Question 24

What can be enabled for a guest network on a Wi-Fi router?

Answer 24

• Different network name
• Open or secured access

Guest networks can have varying security settings.

Question 25

What does hiding the **SSID** accomplish?

Answer 25

Makes the network name invisible ## Footnote Users must know the network name to connect.

Question 26

What is a potential risk of enabling **DHCP** on a secured Wi-Fi network?

Answer 26

A potential **risk** of *enabling* DHCP is a DoS attack ## Footnote Attackers can spoof connections to consume all available IP addresses.