ROLLBACK PLAN

pdf

School

Western Governors University *

*We aren’t endorsed by this school

Course

C846

Subject

Computer Science

Date

Jan 9, 2024

Type

pdf

Pages

4

Uploaded by camylikobe

Report
ROLLBACK PLAN Explanation OBJ-3.2: The purpose of a rollback plan is to document at every point during the deployment of a change or upgrade where you can stop the deployment and return to a known good state. Question 25: Correct Dion Training is adding a new screen subnet that will host a large number of VDIs and wants to assign them a small portion of their public Class C IPv4 address space. Dion Training has been assigned a Class C scope of 187.15.3.0/24. There will be a total of 105 VDI clients that will each need an IP address assigned. What is the correct CIDR notation for the new subnet in order to accommodate the 105 VDI clients while allocating the minimum number of addresses? /25 Explanation OBJ-1.4: To answer this question, you must be able to perform a basic subnetting calculation. First, you need to determine the number of IP addresses that will be needed. In this scenario, you have 105 clients that will each need an IP address, but you also need one IP address for the network and a second IP for the broadcast. This means you need 107 IP addresses total. IP addresses are assigned in multiples of 2 (1, 2, 4, 8, 16, 32, 64, 128, 256). Since we need 107 IP addresses, we need to round up to a block of 128. To symbolize a CIDR block with 128 IP addresses, we would use /25, which is 2^7 =128. Question 26: Correct What device is used to configure various hypervisor guests to use different VLANs in the same virtualization environment? virtual switch Explanation OBJ-1.2: A virtual switch (vSwitch) is a software application that allows communication between virtual machines. A vSwitch does more than just forward data packets, it intelligently directs the communication on a network by checking data packets before moving them to a destination. Question 27: Correct A technician is setting up a new network and wants to create redundant paths through the network. Which of the following should be implemented to prevent performance degradation within the network? Spanning Tree Explanation OBJ-2.3: The Spanning Tree Protocol (STP) is a network protocol that builds a logical loop-free topology for Ethernet networks. The basic function of STP is to prevent bridge loops and the broadcast radiation that results from them. If you have redundant links set up, it is important to utilize STP to prevent loops within the network. If a loop occurs, the performance of the entire
network can be degraded due to broadcast storms. Port mirroring is used on a network switch to send a copy of network packets seen on one switch port to a network monitoring connection on another switch port. Dynamic ARP Inspection (DAI) is a security feature that validates Address Resolution Protocol (ARP) packets in a network. DAI allows a network administrator to intercept, log, and discard ARP packets with invalid MAC address to IP address bindings. A virtual LAN (VLAN) is any broadcast domain that is partitioned and isolated in a computer network at the data link layer (OSI layer 2). Port mirroring, ARP inspection, and VLANs do not add any redundancy to the network. Question 28: Correct Which of the following is a security concern with using a cloud service provider and could result in a data breach caused by data remnants? Rapid elasticity Explanation OBJ-1.8: Rapid elasticity can be a security threat to your organization's data due to data remanences. Data remanence is the residual representation of digital data that remains even after attempts have been made to remove or erase it. So, when a cloud resource is deprovisioned and returned to the cloud service provider, it can be issued to another organization for use. If the data was not properly erased from the underlying storage, it could be exposed to the other organization. For this reason, all cloud-based storage drives should be encrypted by default to prevent data remanence from being read by others. Metered services are pre-paid, a-la-carte, pay- per-use, or committed offerings. A metered service like a database may charge its users based on the actual usage of the service resources on an hourly or monthly basis. For example, Dion Training used the AWS Lambda serverless product in some of our automation. This service charges us $0.20 for every 1 million requests processed. Resource pooling refers to the concept that allows a virtual environment to allocate memory and processing capacity for a VMs use. On- demand refers to the fact that a consumer can unilaterally provision computing capabilities, such as server time and network storage, as needed automatically without requiring human interaction with each service provider. Question 29: Correct (This is a simulated Performance-Based Question. On the real exam, you may be given a chart with numerous ports and protocols and be asked to drag and drop them to match the ports with the protocols.) What ports do SMTP and SNMP utilize? 25,161 Explanation OBJ-1.5: SMTP (Simple Mail Transfer Protocol) uses port 25. SNMP (Simple Network Management Protocol) uses port 161. Port 23 is used by Telnet. Port 445 is used by the Server Message Block (SMB) protocol. Port 3389 is used by the Remote Desktop Protocol (RDP). Port 443 is used by the Hypertext Transfer Protocol Secure (HTTPS). If this were a question on the real exam, you would see a list of ports on one side and a list of protocols on the other, and you would drag and drop each one to match them up. Question 30: Correct
You have been assigned to assist with deploying a new web-based application to your company's intranet. After installing the application, it was identified that the database server is becoming overloaded by the number of requests that the users create. The team lead has proposed adding a device between the web server and the database server to alleviate the issue. Which of the following is being implemented by adding this new device? Implement load balancing and provide high availability Explanation OBJ-3.3: The device being added is most likely a load balancer. Adding this device will allow the delivery team to install a series of database servers to handle the requests by dividing the incoming requests among the various servers. NIC teaming would be an action that occurs on the database server itself. It is not a separate device. The other options are focused on troubleshooting efforts, not increasing the database server's capability or availability. Question 31: Correct You are working as a service desk analyst. This morning, you have received multiple calls from users reporting that they cannot access websites from their work computers. You decide to troubleshoot the issue by opening up your command prompt on your Windows machine and running a program to determine where the network connectivity outage is occurring. This tool tests the end-to-end connection and reports on each hop found in the connection. Which tool should you use to determine if the issue is on the intranet portion of your corporate network or if it is occurring due to a problem with your ISP? tracert Explanation OBJ-5.3: Tracert is a command-line utility used to trace an IP packet's path as it moves from its source to its destination. While using ping will tell you if the remote website is reachable or not, it will not tell you where the connection is broken. Tracert performs a series of ICMP echo requests to determine which device in the connection path is not responding appropriately. This will help to identify if the connectivity issue lies within your intranet or is a problem with the ISP's connection. The nslookup tool is used to troubleshoot DNS issues. The netstat tool is used to display network statistics and active connections. The ping tool is used to test an end-to-end connection, but it will not provide any data on the hops found in the connection. Question 32: Correct Mathan has just purchased a domain name and created an A record to bind his domain name to an IP address. Which of the following tools should he use to verify the record was created properly? dig Explanation OBJ-5.3: The dig command is used to query the domain name system (DNS) to obtain information about host addresses, mail exchanges, nameservers, and related information. The arp command is used to view and modify the local address resolution protocol (ARP) cache of a device, which contains recently resolved MAC addresses of IP hosts on the network. The
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
  • Access to all documents
  • Unlimited textbook solutions
  • 24/7 expert homework help
tcpdump tool is a text-based packet capture and analysis tool that can capture packets and display the contents of a packet capture (pcap) file. The ipconfig command is used on Windows devices to display the current TCP/IP network configuration and refresh the DHCP and DNS settings on a given host. Question 33: Correct Your physical security manager, Janice, wants to ensure she can detect any unauthorized access to the data center. Which technology should be used to meet her requirement? video surveillance Explanation OBJ-4.5: Since she requires to detect unauthorized access, video surveillance should be utilized. Closed-circuit television is a type of video surveillance where video cameras transmit a signal to a specific place using a limited set of monitors. If she were trying to prevent access from occurring, the other three options would provide that. Still, they cannot detect unauthorized access (for example, if the attacker stole a valid smart card or access badge). A biometric lock is any lock that can be activated by biometric features, such as a fingerprint, voiceprint, or retina scan. Biometric locks make it more difficult for someone to counterfeit the key used to open the lock or a user’s account. A smart card is a form of hardware token. A smart card, chip card, PIV card, or integrated circuit card is a physical, electronic authorization device used to control access to a resource. It is typically a plastic credit card-sized card with an embedded integrated circuit chip. In high-security environments, employee badges may contain a smart card embedded chip that must be inserted into a smart card reader to log in or access information on the system. A badge reader can be used to read a security badge using RFID, a smart card, or a barcode to authenticate a user. Question 34: Correct Alexander needs to set up two public-facing web servers and ensure that an attacker cannot access its intranet if those servers are compromised. Which of the following should he use? DMZ

Related Documents

spring23_ML_Classification.pdf
5.6.6 Practice Questions.docx
5.5.14 Practice Questions.docx
5.2.5 Practice Questions.docx
homework2.pdf
CIS 270 Final Exam Fall 2023 .docx
APIPA.pdf
IT-FP3355_HinesJon_AssesmentNumber1-Attempt2.docx
ACS-1903-050-F2023 Assignment 3.pdf
Case Study week main 3.docx
Screenshot 5.8.2 2.png
assignment3_MECHTRON_3X03.pdf
Recommended textbooks for you
Text book image
LINUX+ AND LPIC-1 GDE.TO LINUX CERTIF.
Computer Science
ISBN:9781337569798
Author:ECKERT
Publisher:CENGAGE L
Text book image
Principles of Information Security (MindTap Cours...
Computer Science
ISBN:9781337102063
Author:Michael E. Whitman, Herbert J. Mattord
Publisher:Cengage Learning
Text book image
Fundamentals of Information Systems
Computer Science
ISBN:9781337097536
Author:Ralph Stair, George Reynolds
Publisher:Cengage Learning
Text book image
Comptia A+ Core 1 Exam: Guide To Computing Infras...
Computer Science
ISBN:9780357108376
Author:Jean Andrews, Joy Dark, Jill West
Publisher:Cengage Learning
Text book image
A+ Guide To It Technical Support
Computer Science
ISBN:9780357108291
Author:ANDREWS, Jean.
Publisher:Cengage,
Text book image
Management Of Information Security
Computer Science
ISBN:9781337405713
Author:WHITMAN, Michael.
Publisher:Cengage Learning,
SEE MORE TEXTBOOKS
Recommended textbooks for you
Text book image
LINUX+ AND LPIC-1 GDE.TO LINUX CERTIF.
Computer Science
ISBN:9781337569798
Author:ECKERT
Publisher:CENGAGE L
Text book image
Principles of Information Security (MindTap Cours...
Computer Science
ISBN:9781337102063
Author:Michael E. Whitman, Herbert J. Mattord
Publisher:Cengage Learning
Text book image
Fundamentals of Information Systems
Computer Science
ISBN:9781337097536
Author:Ralph Stair, George Reynolds
Publisher:Cengage Learning
Text book image
Comptia A+ Core 1 Exam: Guide To Computing Infras...
Computer Science
ISBN:9780357108376
Author:Jean Andrews, Joy Dark, Jill West
Publisher:Cengage Learning
Text book image
A+ Guide To It Technical Support
Computer Science
ISBN:9780357108291
Author:ANDREWS, Jean.
Publisher:Cengage,
Text book image
Management Of Information Security
Computer Science
ISBN:9781337405713
Author:WHITMAN, Michael.
Publisher:Cengage Learning,
SEE MORE TEXTBOOKS