Network Administrator Patricia is doing an audit of the network. Below are some of her findings
concerning DNS. Which of these would be a cause for alarm?
Select the best answer.
A.
There are two external DNS Servers for Internet domains. Both are AD integrated.
There are two external DNS Servers for Internet domains. Both are AD integrated. This is the
correct answer. Having an AD integrated DNS external server is a serious cause for alarm. There
is no need for this and it causes vulnerability on the network.
UDP is filtered by a gateway
B.
All external DNS is done by an ISP.
All external DNS is done by an ISP.
This is not the correct answer. This would not be a cause for alarm. This would actually reduce the
company’s network risk as it is offloaded onto the ISP.
The packet TTL value is too low and cannot reach the target
C.
Internal AD Integrated DNS servers are using private DNS names that are
Internal AD Integrated DNS servers are using private DNS names that are unregistered. This is
not the correct answer. This would not be a cause for alarm. This would actually reduce the
company’s network risk.
The host might be down
D.
unregistered.
Private IP addresses are used on the internal network and are registered with the internal AD
integrated DNS server.
This is not the correct answer. This would not be a cause for alarm. This would actually reduce the
company’s network risk.
QUESTION 536
Doug is conducting a port scan of a target network. He knows that his client target network has a
web server and that there is a mail server also which is up and running. Doug has been sweeping
the network but has not been able to elicit any response from the remote target. Which of the
following could be the most likely cause behind this lack of response? Select 4.
The destination network might be down
E.
Private IP addresses are used on the internal network and are registered with the internal AD
integrated DNS server.
The TCP windows size does not match
A.
There are two external DNS Servers for Internet domains. Both are AD integrated.
There are two external DNS Servers for Internet domains. Both are AD integrated. This is the
correct answer. Having an AD integrated DNS external server is a serious cause for alarm. There
is no need for this and it causes vulnerability on the network.
UDP is filtered by a gateway
B.
All external DNS is done by an ISP.
All external DNS is done by an ISP.
This is not the correct answer. This would not be a cause for alarm. This would actually reduce the
company’s network risk as it is offloaded onto the ISP.
The packet TTL value is too low and cannot reach the target
C.
Internal AD Integrated DNS servers are using private DNS names that are
Internal AD Integrated DNS servers are using private DNS names that are unregistered. This is
not the correct answer. This would not be a cause for alarm. This would actually reduce the
company’s network risk.
The host might be down
D.
unregistered.
Private IP addresses are used on the internal network and are registered with the internal AD
integrated DNS server.
This is not the correct answer. This would not be a cause for alarm. This would actually reduce the
company’s network risk.
QUESTION 536
Doug is conducting a port scan of a target network. He knows that his client target network has a
web server and that there is a mail server also which is up and running. Doug has been sweeping
the network but has not been able to elicit any response from the remote target. Which of the
following could be the most likely cause behind this lack of response? Select 4.
The destination network might be down
A.
There are two external DNS Servers for Internet domains. Both are AD integrated.
There are two external DNS Servers for Internet domains. Both are AD integrated. This is the
correct answer. Having an AD integrated DNS external server is a serious cause for alarm. There
is no need for this and it causes vulnerability on the network.
UDP is filtered by a gateway
B.
All external DNS is done by an ISP.
All external DNS is done by an ISP.
This is not the correct answer. This would not be a cause for alarm. This would actually reduce the
company’s network risk as it is offloaded onto the ISP.
The packet TTL value is too low and cannot reach the target
C.
Internal AD Integrated DNS servers are using private DNS names that are
Internal AD Integrated DNS servers are using private DNS names that are unregistered. This is
not the correct answer. This would not be a cause for alarm. This would actually reduce the
company’s network risk.
The host might be down
D.
unregistered.
Private IP addresses are used on the internal network and are registered with the internal AD
integrated DNS server.
This is not the correct answer. This would not be a cause for alarm. This would actually reduce the
company’s network risk.
QUESTION 536
Doug is conducting a port scan of a target network. He knows that his client target network has a
web server and that there is a mail server also which is up and running. Doug has been sweeping
the network but has not been able to elicit any response from the remote target. Which of the
following could be the most likely cause behind this lack of response? Select 4.
The destination network might be down
E.
Private IP addresses are used on the internal network and are registered with the internal AD
integrated DNS server.
The TCP windows size does not match
F.
ICMP is filtered by a gateway
Explanation:
If the destination host or the destination network is down there is no way to get an
answer and if TTL (Time To Live) is set too low the UDP packets will “die” before reaching the host
because of too many hops between the scanning computer and the target. The TCP receive
window size is the amount of received data (in bytes) that can be buffered during a connection.
The sending host can send only that amount of data before it must wait for an acknowledgment
and window update from the receiving host and ICMP is mainly used for echo requests and not in
port scans.
Please, check this question, has been editions errors
Whom are you speaking to??
there’s no admins on this web.
I noted the question as well